|
December 13, 2001
PHADA issues important notice concerning recent e-mail viruses
In the past month PHADA has experienced several occurrences where viruses have appeared to have been sent from our computer system. At the moment of the first occurrence, our computer equipment was overhauled and inspected by an outside expert technician who told us that our equipment was "clean." A conclusion was drawn that when the first infected e-mail was released, the virus became attached at either the outside server level or attached to an address on our mailing, therefore infecting the remaining addresses. Unfortunately this virus has continued to reproduce itself and attach to any computer system that it is vulnerable. The repetitive e-mails you may be receiving have been reproduced by the virus (NOT BY PHADA), which may continue until the infected machine can be located.
A typical virus will reproduce itself by attaching to an e-mail address book and a file or files usually in the system directory. These viruses are capable of e-mailing themselves to every contact in the address book without the knowledge of the user. As a result, the chain begins. For every recipient of the virus e-mail, their address book is flagged and copied. The e-mails may vary in content by taking small excerpts from a file on the infected computer and inserting that as text, thus resulting in a message that appears to contain familiar information to the recipient. Be especially wary of these and confirm personally that the information is legitimate before opening any attachments.
The best defense currently used to catch and stop the spread of a virus is by using virus protection programs such as McAfee or Norton (PHADA's computers currently run Norton Antivirus 2002). These programs are designed to delete or quarantine infected e-mail files. They must be kept current to be effective. You can download the programs or obtain further information about these programs by logging onto either mcafee.com or symantec.com (Norton). If your system currently has an anti-virus program installed and your definitions are current or you are downloading for the first time, it is always best to scan your complete hard drive (C:)--make sure to select "all files" to insure a thorough scan. These programs will identify any infected files and produce a name of the virus that is causing the infection. Step-by-step removal tools are available on either one of the anti-virus sites.
Once again, PHADA would like to assure members that we are aware of this problem and are doing our best to fix it. However, if only one of PHADA's members' machines is infected, the virus can and will start the vicious cycle of sending itself over and over again, many times with an attachment or without a subject.
PHADA's policy about mass e-mails is as follows:
- PHADA will not send attachments with its mass e-mails. Instead, PHADA posts relevant information on its web site and provides a link in the e-mail or provides a link to another web site that has the pertinent information.
- In PHADA Alerts (mass e-mails), there will ALWAYS be a subject.
If you receive an e-mail from PHADA that doesn't conform to this policy, there is a strong likelihood that it is infected with a virus. In this case, you should COMPLETELY delete the e-mail from your computer WITHOUT opening it. It is especially important not to open any ".exe" attachments you receive from PHADA or anybody else. These are almost always viruses and WILL infect your computer. To completely delete the e-mail, you must not only delete it from your Inbox, but from the Deleted Items folder as well (folder names may vary depending on the e-mail service being used).
Until this problem is rectified, PHADA has temporarily stopped sending mass e-mails. In lieu of those, PHADA urges members to frequently check the PHADA web site (www.phada.org), where breaking news stories are regularly posted.
| 
