Information Technology Services (ITS)

Visit Us · Contact Us

  • Information Technology Services
    Hines Hall 101
    Staff Listing
  • Help Desk Locations
    FSA - Hines Hall 101
    Students - Standish Library

About Viruses

Viruses

Viruses usually spread via e-mail, and the simplest preventive measure is to be careful about clicking on attachments. Unless you know exactly what the attachment is, do not click on it.  Be suspicious, especially about attachments you weren’t expecting, or those whose message does not specifically say what they are.  Viruses may appear to come from people you know, so don’t necessarily trust the sender.

Spyware

Spyware comes from websites and from some downloaded software (file sharing software and fake spyware scanners are common sources).  It keeps track of browsing, but, more importantly, can do things like hijack your home page or create popup ads.  Popups that show up when you go to a new website are probably part of the website itself, but if you get popups when you are not clicking on a link, it’s probably spyware.

To avoid being infected, be careful when installing ActiveX controls in Internet Explorer. This is easy to do:  if one is being installed, a yellow bar will display.  Unless you are doing something specific that requires a program (for instance, using an online virus scanner, or using the Microsoft Windows Update site), do not run these.  For even greater protection, use a different browser, such as Firefox, Safari, or Netscape.

Phishing

This is a scam technique where rip-off artists send an e-mail pretending to be some financial institution (a bank, Paypal, the U.S. Department of Education, etc.) and ask for personal or financial data.  If you send the information, or click on the link, you can end up losing a lot of money.
There are many variations on the message; new bank names are used by phishers all the time.

  • "You have added a new e-mail to your account."
  • "Your account has had unauthorized activity."
  • "Fill out a survey and you'll get $10."
  • "We have locked your account."
  • "Credit card holder security measures."

These are only a few of the possibilities, and there are many variations in the actual wording.

Do not click on any links in these messages; they are disguised and do not go where they look like they're going.  If you have any questions, contact the bank by phone or by typing in the bank's web address directly in your browser.

Never give out personal or financial information in response to an e-mail.  Legitimate businesses never use e-mail to contact their customers unless you've specifically signed up for it. No matter how plausible the explanation or how impressive the message is, do not click on the link in any e-mail purporting to be from a bank.

For information on Phishing and specific scams, see the Anti-Phishing Working Group.  Click on the Phishing Archive for information on past scans.  You may also want to install Spoofstick. This is an add-on to Internet Explorer that tells you if the website is what it's supposed to be.  You can check to see if you're actually on the site you thought you were.  The SANS Institute "Ouch" newsletter also discusses common phishing threats.

Virus Hoaxes

Virus hoaxes are messages warning you about a "new" and especially destructive virus. They often drop names ("AOL announced today . . . "  "Microsoft confirms . . ."). 

The two most obvious signs of a virus hoax are:

  • They always urge you to forward the warning to everyone you know.
  • Though they may mention authoritative-sounding names, they never give you a link to a site where you can read the information yourself.  If you get a message like this, just ignore it. A Google search for any phrase in the e-mail will probably give details.

Spoofed Addresses

Many viruses "spoof" the e-mail address in the "From:" field. This leads to the following issues:

  • The "sender" is not the one actually sending the message.
  • A message from someone is not an indication he or she is infected.
  • You may receive e-mail messages telling you that you have a virus.  While it doesn't hurt to check, they are not an indication that you are infected.
  • You may receive messages saying a recipient could not be reached, or an account doesn't exist, for a message you never sent.  These are all symptoms of a spoofed address.  They can generally be ignored.