
paleonet Customized viruses



Folks,

No, typically the virus/worm attacks are NOT customized for a particular
person. What the authors of these programs are doing is assuming you know
the people in your email address lists and that a potential host is more
likely to open the attachment if it is somehow personalized. So you are
seeing viruses and worms embedding themselves into files selected from what
is available on the infected PC with email subjects like "For your comment",
"As you requested", "Here is the information", etc. If you get something
like this, you are more likely to open (and execute) the attachment with the
infected payload. Another clue: look for multiple file types instead of the
usual 8.3 file name (as in image.doc.pif).

What to do? If you aren't expecting an attachment, don't open it.
Immediately update your virus definitions and scan your attachment
directory. If an infection is detected, just delete the file. If you are
expecting an attachment from a known and trusted source, scan it anyway. By
keeping the virus auto-protection feature running, this usually happens as a
matter of course. If you don't keep your definitions up to date, however,
scanning with out-of-date information is only marginally better than not
scanning at all; you are at risk.

If you detect a virus, you really only need to contact the person it came
from. And, remember, most of the viruses and worms are stealthy; they don't
announce themselves immediately. They like to quietly replicate themselves
and send out copies. The user of the infected machine is most likely not
aware the machine is infected.

Keep your virus definitions current.

Brandon C. Nuttall

BNUTTALL@KGS.MM.UKY.EDU  Kentucky Geological Survey
(859) 257-5500           University of Kentucky
(859) 257-1147 (fax)     228 Mining & Mineral Resources Bldg
                         Lexington, Kentucky 40506-0107
www.uky.edu/KGS/home.htm
www.uky.edu/KGS/PTTC/home.htm
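
Added example, not part of the original message: a mail-filter style check for the "multiple file types" clue mentioned above (as in image.doc.pif), run over a constructed sample message. The list of executable extensions, the function names and the example.org addresses are assumptions made for this illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed list of extensions Windows runs directly; only .pif comes from the message above.
EXECUTABLE_EXTS = {".pif", ".scr", ".exe", ".com", ".bat", ".vbs"}


def suspicious_attachments(raw_message: bytes):
    """Return (filename, reason) for attachments whose name stacks file types
    and ends in an executable one, e.g. image.doc.pif."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename()
        if not name:
            continue
        # Windows ignores trailing dots and spaces, so strip them before checking.
        cleaned = name.strip().rstrip(". ")
        suffixes = [s.lower() for s in PurePosixPath(cleaned).suffixes]
        if len(suffixes) >= 2 and suffixes[-1] in EXECUTABLE_EXTS:
            reason = f"looks like {suffixes[-2]} but runs as {suffixes[-1]}"
            findings.append((name, reason))
    return findings


def build_sample() -> bytes:
    """Constructed sample: one disguised attachment and one ordinary document."""
    m = EmailMessage()
    m["Subject"] = "As you requested"
    m["From"] = "colleague@example.org"
    m["To"] = "you@example.org"
    m.set_content("Here is the information.")
    m.add_attachment(b"constructed placeholder bytes", maintype="application",
                     subtype="octet-stream", filename="image.doc.pif")
    m.add_attachment(b"constructed placeholder bytes", maintype="application",
                     subtype="msword", filename="minutes.doc")
    return m.as_bytes()


if __name__ == "__main__":
    for filename, why in suspicious_attachments(build_sample()):
        print(f"HOLD {filename}: {why}")
```

A name-based check like this only catches the disguise; it does not replace scanning with current virus definitions.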