Personal tools
University Computing Service

Help & Support

E-mail and the Virus Threat

The following are guidelines for dealing more safely with email:

  • Install anti-virus software and keep it up-to-date. Links for downloading software in the Cambridge domain are at http://www.ucs.cam.ac.uk/support/anti-virus/pcdownload
  • NEVER give out your password in response to an email. No bank will ask for your account details to confirm your account or allow access, the Computing Service will never send an email requesting that you send your password. You should, NEVER give out your passwords to anyone.
  • Who actually sent this email? Many modern viruses pick up any email address found on an infected machine and send attachments (which include the virus) to those email addresses using the same sender addresses. This has the unfortunate consequence for users that messages not sent by the real user being returned to the (faked) sender, and may cause undue worry. If you start receiving rejections from sites or people you know you have never sent email to the chances are that malware has harvested your email address from somewhere. If you are unsure or concerned about your system check that your antivirus software is up-to-date and then run a full antivirus scan of your machine. You can also contact your local Computer Office or the Service Desk, email help-desk@ucs.cam.ac.uk
  • Don't open attachments from unknown senders. Also, ask people you know who send you attachments on a regular basis to send you a warning in a previous message. You can then send a message back stating that you are ready for such an attachment. This will prevent someone else spoofing the senders email address - please note that viruses can also spoof senders email addresses, so if you receive an attachment from someone ask them if they really sent it BEFORE opening it!.
  • Don't open email attachments directly from the message itself. Save any attachments to a temporary folder and scan them with anti-virus software BEFORE opening them.
  • NEVER send on any e-mail messages with a subject such as "Pass this on to everyone you know..." (e.g. The Jdbgmgr.exe hoax). No genuine warning from a credible source will tell you to send the message to everyone you know. These are usually hoaxes and even before you act upon any such message yourself you should check out the hoax lists available on the web. Some are available at:
  • Due to the wide-spread attacks on vulnerabilities in "Microsoft Outlook Express" we cannot recommend it for handling email. If you must use "Microsoft Outlook Express" (or you use the full product "Microsoft Outlook") please ensure that you have installed all the relevant patches to fix any bugs that may have been discovered with them. In addition, due to the integration of "Microsoft Internet Explorer" with various Windows components such as "Outlook Express", you must also ensure that "Internet Explorer" has all its patches installed. Information on how to configure and use automatic updates in Windows can be found here.
  • Hoaxes/Jokes and other pointless email. There is a lot of spam out there. Unfortunatly there is also a lot of pointless joke and hoax email designed to either spread malware or has no other purpose than to get people to forward the mail onwards by giving the person the impression they are helping, you won't be. The sites below gives more information on the types of mails that you might recieve.
McAfee
Symantec
Sophos
F-Secure
  • Turn off the option to hide known extensions so that when you do recieve a file (and have saved it) you can see what type of file the attachment really is.
  • Whenever you send e-mail attachments yourself try to organise it such that you can send them as .ZIP files. This does assume the recipient has some means of un-zipping them but is a much safer process as the files can be scanned during the un-zip process itself. Note: if you use Outlook there is a small add-in, available free for private use, that does this automatically when you send messages with attachments - this can be found at BAxBEx Software. Similar shareware products can be found at Tucows.
  • Please note that Microsoft NEVER distributes software updates via e-mail!