November 18, 2004
C&C: Caution battles computer viruses
In the world of e-mail, it’s getting so you can’t even trust your own friends. Or those who claim to be your friends, that is.
That seems to be the legacy of such computer viruses as MyDoom, which attacked computers nationwide and at the UW in recent days, and will no doubt strike again. And though being wary even of familiar-looking e-mail contacts may seem extreme, UW computer experts say it’s a low price to pay to avoid downloading a destructive virus.
“The way it worked is that people received a forged e-mail, most frequently saying something about a PayPal account, then there was a link to go to,” said Oren Sreebny, director of client services and learning technologies for the Computing & Communications department, of the MyDoom virus. “It linked them to a Web site where, if they’re running Internet Explorer on Windows, it exploited a known vulnerability … to infect them with the virus.”
Simply put, the virus then gained access to the computer’s e-mail address book, replicated itself and sent itself out “to people in the address book, purporting to be from people in the address book,” Sreebny said. He said it’s not known how many UW computers were affected.
“We’re certainly seeing more of these, though not quite as frequent outbreaks as last year — knock on wood,” Sreebny said. “But people are just relying so much more on their connections that when (viruses) do happen, they tend to affect more than they used to.”
Since your computer’s address book is used, the viruses are more likely than ever before to resemble a friendly message or suggested link from a friend, said Sreebny’s colleague David Wall, a client services consultant with C&C.
So, what to do? These C&C representatives have some suggestions.
- Be careful what you open.
“One thing up front is to always be cautious and suspicious, pretty much of everything,” Wall said. Sreebny agreed: “Be viligant on what you click on, even if it appears to be from someone you know.”
But how does one tell the difference between real and phony messages from one’s own acquaintances? Common sense, mostly, they said. Is it like this friend to recommend Web sites to click on without explanation, or to send attachments? If you get a card of greeting or another message you have reason to question, write your friend for confirmation — “Did you really send me this?” — before opening it.
- Download safety patches when they are offered.
“There’s no one silver bullet,” said Sreebny, “but people should be as up to date as possible on various software patches, especially if you’re running Windows.”
You can also set your computer to automatically download such patches whenever needed. Those computers already updated with the SP2, or security patch 2, program, likely are not vulnerable to MyDoom.
Sreebny also said it’s important for computer users to run anti-virus software and to keep that software updated through a MacAfee program available as part of the UW Internet Connectivity Kit, available at the UW Bookstore or online.
- Increase the security of your Web browser, or find an alternate browser.
Wall said if you dig carefully into your browser’s preferences files, you can ratchet up your security level without compromising your ability to travel the Internet. An even more drastic option, Wall and Sreenby both said, is to switch to a new browser that’s less likely to be the target of viruses and attacks.
“At this point it probably makes sense to use a browser other than Internet Explorer,” said Sreebny. “We recommend Mozilla, and their new browser called Firefox.”
Wall agreed, but added the caveat that even a new browser won’t completely protect you from the viruses of the Web.
“You still have to be vigilant,” he said.