Is my computer infected if I get the message but don't open any attachments?
No, just receiving a message does not infect you. You must click on or OPEN an attachment on the message to risk becoming infected. Be sure your e-mail program is not set to automatically open any attachments and your anti-virus program is up to date. Resources to assist you are listed below.
What should I do when I receive these messages?
Right now, we strongly recommend using the message headers to identify the infected machine to let the sender know they are inadvertently distributing infected messages to others. Determining the true sender is tricky but necessary to help prevent this particular virus from spreading. Just forwarding the message without the headers will not help. Please refer to these instructions for additional ARPA Header information.
Okay, so I found the "ARPA Headers," now what?
After following the instructions, if the bottom-most "Received" line shows that the message came from Cal Poly, please forward the message with full ARPA headers to "abuse@calpoly.edu". Otherwise, you should forward the same information to the off-campus service provider (e.g., aol.com, charter.net, hotmail.com, etc.) via both "abuse" and "postmaster".
This is too confusing. Who can I call for help?
These viruses are a serious matter. Call the Service Desk at (805) 756-7000 and they will walk you through the steps or refer you to someone who can assist.
What is Cal Poly doing to prevent viruses from spreading?
1. Information Technology Services (ITS) employs an email antivirus gateway to greatly reduce many of the known viruses from ever reaching or leaving the campus. The gateway deletes infected attachments and notifies the recipient about the virus. When a large outbreak occurs, the gateway may be used to infected messages. The gateway also filters and tags incoming messages suspected of being SPAM.
NOTE: ITS can never block or prevent all virus attacks as new ones are constantly being invented, and there is a delay between a new virus being identified and the antivirus software definitions being updated to identify and disinfect them.
2. Provide current antivirus and antispyware software to all Cal Poly users at no charge for use at home and work, and as much installation assistance as possible.
3. Employ a perimeter "firewall" between the Cal Poly network and the Interent. The firewall limits outside access to on-campus computers and services except when explicitly approved. Visit the campus firewall website for more information.
4. Employ automated software to ensure that the operating system, antivirus and antispyware software are up-to-date on computers in the residence halls prior to granting network access.
5. Check laptops to ensure the operating system, antivirus and antispyware software is up-to-date when they are first registered for access to the campus wireless network.
6. Remove potentially infected computers from the network as soon as possible to prevent other computers from being infected or attacked.
7. Provide assistance to clean-up infections when they occur on campus computers and servers.
8. Educate Cal Poly users on how to avoid viruses and what to do if they are infected. Simply put, answers to specific virus questions depend on many factors. Find, read, and save online instructions just in case you need them.
What can I do to defend myself against viruses in general?
Clearly, personal alertness, action and defensive virus protection is an essential and prudent course of action in preventing infection.
1. Make sure your antivirus software and virus definitions are current on both your home and office computer. Set them to regularly download update files to decrease your risk of infection. Also keep your operating system and related software, such as Internet Explorer, Outlook Express, and Outlook updated via the Windows update icon on the Start menu on most Windows machines. Review the links on the Virus and Spyware section of the security website for more information.
2. If you suspect infection on your machine, PLEASE DISCONNECT YOUR COMPUTER FROM THE NETWORK. You may be infecting others. Shut down the workstation only if the specific virus advisories tell you to do so. Refer to the following page for specific advice on what to do: Virus Reporting and Response Procedures.
3. Make good backups. If you have access, save your files to a "networked" directory where regular backups are guaranteed. If you don't have network access, use a zip drive or removable storage device, such as xxx, to periodically save your files to disk.
4. In general, you should delete "suspicious" e-mails without opening them, especially if you receive an attachment from someone you don't know. BUT only do so after taking steps to identify and report the incident to the appropriate Internet service provider (ISP) as recommended above.
5. If you get e-mail with an attachment from someone you know, don't assume it's harmless! Many viruses spread by automatically sending themselves to the addresses found in the victim's Outlook address book, and often include a subject or text that looks like a genuine message, or they disguise the real sender.
6. Unless you can tell for sure that it's NOT a virus, call or e-mail the person and ask if they meant to send you an attachment. If they say yes AND they can explain what it is, then it should be safe to open it. If not, try to identify and report the infection to the appropriate ISP as soon as possible as recommended above, and then delete the message.
