31 Oct, 2013
A recent surge in malware threats has occurred at Owens as well as some other area colleges. As you're likely aware from past messages from ITS, there are many forms of email threats. The most prevalent is still the embedded link. But, in the last two weeks, ITS has become aware of a different type of threat in the form of an email attachment. These attachments can be executable files (.exe or .com). The recent threat seems to be in the form of a .zip file attachment (filename.zip). The sender is addressing the email to make it appear to come from an internal Owens employee. The "From:" address may be displayed as: Administrator (firstname.lastname@example.org). This is not a valid email Owens address. The real address is masked by what's known as a "forged" (or fake) email address, to make it appear that the message is from an Owens email account. The subject of the messages can vary as well.
Opening the attached files can potentially be extremely damaging. Files on your PC and even shared network drives can become damaged, and no longer accessible for all users of shared resources. One specific virus that's been identified recently is what's termed as "ransomware". When the file attachment is opened, it will encrypt files on the local PC as well as attached network drives. It will then pop-up a message on the PC with a ransom demand for a code to decrypt the files. When you check messages in your personal quarantine (MailStore - in Ozone), please be very suspect of any message captured in this quarantine. Messages in MailStore are rated with a SPAM score from 1 - 10, with 10 being the highest threat. Any message with an attachment that is released from MailStore should have the attachment scanned before opening. If your not expecting a message from a sender, or the senders address appears a bit odd or unrecognizable, please contact the HelpDesk at x7120 before opening any attachments or clicking on the email link. It would be a good practice to contact the sender to verify they sent you the message in question if your not sure about it's origin or safety.
GroupWise Email Administrator
Mobile Device Administrator
Owens Community College
Information Technology Services