UAB Information Security recently discovered a new spam campaign where users are tricked into opening an email attachment that contains a virus aimed at stealing passwords and financial information. As with any suspicious email messages you may receive, please report them to firstname.lastname@example.org for inspection.
The recent spam email messages are crafted to look like they came from one of several legitimate companies such as Chase Bank, the Better Business Bureau (BBB), Department of Treasury, Dun & Bradstreet Financial Services or a wire transfer company. You should be aware that these emails are forged and that none of the information included in the email can be trusted including embedded links, e-mail addresses or phone numbers.
Here are some of the common email subject lines we have seen in this spam campaign:
• FW: Company 2013 Report
• Incoming Wire Transfer Notification
• D&B iUpdate: Company Order Requested
• Department of Treasury Notice of Outstanding Obligation – Case ######
• Better Business Bureau Complaint Case #######
• Merchant Billing Statement
• ACTION REQUIRED: A document has arrived for your review/approval (Document Flow Manager)Tweet
Computer viruses implant instructions in other programs or storage devices and can attack, scramble, or erase computer data. The danger of computer viruses lies in their ability to replicate themselves and spread from system to system. Few computing systems are immune to infection.
The following activities are among the most common ways of getting computer viruses. Minimizing the frequency of these activities will reduce your risk of getting a computer virus:
- Freely sharing computer program and system disks, or downloading files and software through file-sharing applications such as BitTorrent, eDonkey, and KaZaA
- Clicking links in instant messages (IM) that have no context or have only general text (even from someone you think that you know)
- Downloading executable software from public access bulletin boards or websites
- Using your personal disk space with public computers that are used by more than one person
- Opening email attachments from people you don't know or without first scanning them for viruses
- Opening any email attachment that ends in .exe, .vbs, or .lnk
- Continually running your machine without the appropriate patches
Signs of a Virus Infection
If your computer begins to act strangely, or if it stops being able to do things it has always done in the past, it may be infected with a virus.
Symptoms such as longer-than-normal program load times, unpredictable program behavior, inexplicable changes in file sizes, inability to boot, strange graphics appearing on your screen, or unusual sound may indicate that a virus is on your system.
However, it is important to distinguish between virus symptoms and those that come from corrupted system files, which can look very similar. Rule out more standard causes before suspecting a virus.
How to Avoid Computer Viruses
The following are some recommendations for safe computing:
- The most important thing you can do to keep your computer safe is to install virus detection software and keep the virus patterns up to date. Antivirus programs perform two general functions: scanning for and removing viruses in files on disks, and monitoring the operation of your computer for virus-like activity (either known actions of specific viruses or general suspicious activity). Most antivirus packages contain routines that can perform each kind of task.
- Keep your operating system current with the latest patches and updates. The writers or viruses and worms often exploit bugs and security holes in operating systems and other computer software. Software manufacturers frequently release patches for such holes.
- Backup your files. Viruses are one more very good reason to back up your files. UAB employees can use UABFILE to store their data. UABFILE is kept in a secure location and backed up regularly.
- NOTE: If you back up a file that is already infected with a virus, you can re-infect your system by restoring files from backup copies. Check your backup files with virus scanning software before using them.
- Obtain public-domain software from reputable sources. Check newly downloaded software thoroughly using reputable virus detection software for any signs of infection before running the install programs (.exe, etc). This can also help protect you from Trojan horse programs.
- Quarantine infected systems. If you discover that a system is infected with a virus, immediately isolate it from other systems and report the incident. In other words, disconnect the system from any network and do not allow any of the machine's files to be moved to another system. Once the system has been disinfected you can copy or move the files.
- If you use a desktop version of MS Outlook, minimize use of the preview & reading pane options.
UAB IT provides Antivirus for use by everyone at UAB including your personal home systems. To download Microsoft Forefront Anti-virus software(Windows) or Sophos Anti-virus (OS X), please click the link below and select from the available antivirus titles.
Please Note: There is a known incompatibility with Sophos and FileVault on Mac OS X 10.5.x. If you are using FileVault please do not install Sophos Antivirus at this time.