Uni Home / IT Assist / Staff / Services / Email & Calendar / Viruses & SPAM

AntiVirus and Email Security Services

The University has a site license for Symantec Antivirus Corporate Edition which allows this software to be installed on any University owned computer. This software provides high level virus protection for individual computers.

Central ICT runs filtering software on the central email server which identifies and quarantines incoming email messages which have a high probability of being:

Spam Email Messages

Spam email messages are unsolicited emails, sent in bulk which are usually used to advertise a product or service.

ICT runs filtering software on the central email server which identifies and filters incoming email messages which have a high probability of being spam. Please see the Pure Message Spam Quarantine system page for more information.

Emails with viruses as attachments

One common way for viruses to spread to new computers is through email messages with attached files which contain viruses. To avoid being the victim of viruses of this kind, it is a good idea to avoid opening or saving attached files from unsolicited emails.

ICT runs AntiVirus software on the University's email server which identifies and quarantines potentially offending incoming messages according to the University Antivirus Policy. Please see the Pure Message Virus Quarantine system page for more information on how the virus quarantine system works and how to release attachments which have been quarantined incorrectly.

Phishing email messages

Recent Phishing Email Example from 25/09/2008

From: The University of Sydney [mailto:********@singnet.com.sg]
Sent: Thursday, 25 September 2008 9:57 AM
To: info@mail.usyd.edu.au
Subject: TERMINATION OF YOUR USYD.EDU.AU WEBMAIL ACCOUNT


Dear Staff/Student

TERMINATION OF YOUR USYD.EDU.AU WEBMAIL ACCOUNT

We are currently carrying out an upgrade on our system due to the
fact that it has come to our notice that one or more of our subscribers
are introducing a very strong virus into our system and it is affecting
our network.We are trying to find out the specific person.

For this reason all subscribers are to provide their USER NAME AND
PASSWORD for us to verify and have them cleared against this virus.
Failure to comply will lead to the termination of your Account in the
next 48 hours.


Information to send;
EMAIL ADDRESS:
USERNAME:
PASSWORD:


Hoping to serve you better.


Sincerely,

The USYD.EDU.AU mail Support

********************************************************************************************
This is an Administrative Message from The University of Sydney Mail server. It is
not spam. From time to time,The University of Sydney mail server will send you such
messages in order to communicate important information about your
subscription.
********************************************************************************************

Phishing emails are messages which masquerade as official correspondence in order to deceive the recipients into giving away their login names and passwords to secure services such as:

  • Email accounts
  • Bank Accounts
  • Ebay Accounts
  • Accounts for other online services

These emails often warn the recipient that they must reply with their login name and password or their account will be shut down.

ICT will never send email requests for users to reply with their UniKey passwords. Any requests of this kind should be deleted without sending any response.

New (Worm) News

There have been several reports release recently describing the behaviour of the Conficker worm. According to the Sydney morning Herald “A nasty worm has wriggled into millions of computers and continues to spread, leaving security experts wondering whether the attack is a harbinger of evil deeds to come”
Vendors and research labs are still trying to understand the full extent of the worms behviour to be able to deploy a fix/patch to protect the users/corporations from this specific worm. Press reports indicate that the worm has been getting around since November 2008.
The 1st line of defence is to ensure that your systems (desktop & servers) are patched with the latest available updates.
The worm is more prevelant on personal computers, where there patches are typically not installed by the average home user.

ICT will issue the fix via the Change process, once the vendors determine/test and finally release the fix.