The easiest method to not get infected by most e-mail worms is contained in a single word: paranoia. Do not trust any attachment unless...
a: You are 100% sure it came from the person it claims to have come from.
b: There are specific identifying markers in the email which only the sender would know or do.
c: The attachment is expected.
Vaguely worded messages with an unexpected attachment is almost certainly a worm. When in doubt, ask the supposed sender if they had sent something to you. By doing this most infections can be prevented outright.
Anti-Virus scanners are a great tool but they should not be considered a foolproof method of preventing infection. It can sometimes take hours, up to days, for the known virus/worm master database to be updated to include the latest threats. Then it could be hours, maybe days, until the program gets the latest update from the server. In short for the latest breaking virus/worms it is possible to be without protection from AV software for an extended period of time. Since many of these malicious programs attempt to thwart detection by altering or disabling AV software receiving the update after being infected does not automatically mean detection and removal! AV is a great second line of defense but basic paranoia about the attachments others send is still best.
In general this works for other forms of viruses and worms. IE, those that propagate through means other than e-mail. However some worms exploit security holes in Windows. So always make sure to have the latest patches from Microsoft. For the record those patches are never, ever, sent in e-mail. That's a common ploy by recent worms. Updates must be obtained from Microsoft's web-page or through the Windows Update tool.
last updated Mar 4, 2004