Computer-implemented methods, systems, and computer-readable media for detecting the presence of malicious computer code in an e-mail sent from a client computer (1) to an e-mail server (2). An embodiment of the inventive method comprises the steps of: interposing (41) an e-mail proxy server (31) between the client computer (1) and the e-mail server (2); allowing (42) the proxy server (31) to intercept e-mails sent from the client computer (1) to the e-mail server (2); enabling (43) the proxy server (31) to determine when a file (30) is attempting to send itself (30) as part of an e-mail; and declaring (44) a suspicion of malicious computer code when the proxy server (31) determines that a file (30) is attempting to send itself (30) as part of an e-mail.