News
 

Infected e-mails sent from UH

New Internet worm mimics University e-mail addresses

by Portia-Elaine Gant
The Daily Cougar

The Technical Support Services department recently discovered a new mass-mailing virus/worm, Bagle.j, which disseminates e-mail messages that appear to be from UH or the recipient's respective e-mail address domain, but once opened are both damaging and reproductive.

"It's been a big problem for McAfee and Norton and for the University of Houston because people are getting these e-mails that look like they are from the University, and they're not," TSS analyst Gary Chelette said. "And when they open up these attachments, they're infected."

Unfortunately, just combating Bagel.j would be insufficient, Chelette said, because new variations are propagated almost daily.

"McAfee, and of course TSS, has been having a heck of a time keeping up with these (viruses), with them being released one after the other. Each one is designed to get around the update that was put out the day before. If you were protected yesterday, you might not be protected today," Chelette said.

"We started in on our internal warning to all of our key IT people in the University (Wednesday) morning about Bagle.j," he said. "We were writing an article on the UH Web site, and we didn't even get that one up for five minutes before a new Bagle popped up."

Although even anti-virus services like McAfee and Norton are having difficulty combating the wave of viruses, Chelette offered some advice for computer users.

"No. 1, have an anti-virus that is updated daily, preferably every time you boot up that computer. The University provides people with a free anti-virus program, and that's McAfee. At no cost, people can use this anti-virus," Chelette said. "This is going to be critical for the future. Because not everybody can keep up to the date on everything, a personal firewall is recommended for everyone. That way, nothing comes in that isn't authorized, and nothing is leaving the computer without authorization. If they start mailing out a virus, a personal firewall will stop it."

Chelette also recommended that computer users set their computers to automatically download Windows updates.

In addition to receiving a virus, users must also be aware of the possibility of identity theft.

"If you buy from eBay.com or Amazon.com and you tell them to save your information so the information is stored next time you use their Web site, it's stored as a cookie on your computer," Chelette said. "(Hackers) can get a hold of your name, your address and Social Security number. Then you realize you've got a warrant for your arrest because you maxed out your credit cards and haven't paid them. It's not you; someone's stolen your identity."

Identity theft may not always be the first problem associated with viruses and worms, but Chelette warned users to be conscious of the potential of worms.

"Once you get these on your computer, you really no longer own that computer; the hacker does. He can do just about anything to that computer he wants including stealing any personal information on your computer from your social security number to your credit card number," Chelette said.

So far, there has been no method of stopping hackers and virus writers. Although the problem is worldwide, Chelette said 60 percent of unsolicited "spam" e-mail comes from the United States. And, although there is little individual users can do to combat the problem, being cautious can be effective.

"Be diligent and be sure not to open any attachment unless you're sure to expect an attachment from someone," Chelette said. "If you get an e-mail from your boss saying 'I love you,' that's a good indicator there to not open it."

"If you are expecting an attachment from someone but didn't expect it today, it's a good idea to call them," he said. "Qualify what you're opening before you ever open it."
 

 Send comments to dcnews@mail.uh.edu