[TECnewhw] new virus warning

Trevor Cordes trevor at tecnopolis.ca
Thu Mar 4 10:53:27 CST 2004


Since I've had at least 4 people email me about this in the past 24 hours, 
I'm putting out this notice to all my customers.  I apologize if you 
receive this twice due to being subscribed to both my lists.

If you receive an email with an attached ZIP file that is "password 
protected", do NOT open this attachment or type in the password.  It is a 
virus (named Bagle)!

This is the latest in a long series of "social engineering" style attacks 
which try to dupe you into opening an attachment and so infecting your 
computer.  The other big one (MyDoom) pretends to be an undelivered 
message bounce.

If you follow these simple email usage rules, you will greatly minimize
your chance of catching a virus:

1. Never trust the "From:" field in emails.  The From can be forged by any 
dork (or virus) to be anything they want.  Usually they'll spoof it to 
appear to be from someone you know, when in fact it has nothing to do with 
someone you know.

2. The *old* rule that said "don't trust an email unless you recognize 
who it's from" is now completely invalid because of #1.  Don't give an 
email more trust because it appears to be from someone you know.

3. Never trust the content of an email.  Email is insecure and someone can 
easily send bogus content or (less likely) alter the content of an email 
someone legitimate is sending you.

4. Avoid attachments if at all possible.  If you aren't specifically 
expecting an attachment that day from that person (remembering that the 
From can be forged) then do not open it.

5. If you believe an attachment to be valid, always select SAVE TO DISK 
instead of OPEN.  Then save it somewhere temporarily, like the desktop or 
My Documents.  Then go to where you saved it and right click and click 
properties.  Look carefully at "Type of File".  Make sure that agrees with 
what you believe the file to be (a Word file for instance).  If it is an 
"executable"-type file, then it is almost certainly a virus and you should 
delete it.  To be extra safe, if you have Norton Anti-Virus, right click 
on the file and select "scan with Norton Anti-Virus".  Only after you 
follow all these steps should you open an attachment.


Most of these rules also apply to files you download from P2P systems like 
Kazaa, mIRC, etc.  As usual, I strongly recommend NOT running P2P programs 
as they are huge adware/spyware and virus magnets.  75% of the virus 
infections I fix for people are due to P2P sharing.


Lastly, when browsing the web, if a "do you want to trust content from..." 
box pops up, you almost ALWAYS want to answer NO or CANCEL.  The *only* 
exceptions any "normal" user would want to approve are Microsoft (while 
doing Windows Updates) and Macromedia (for Shockwave/Flash).

If you find a web site that says it will give you some wonderful/neat/ 
cute/slick program for free, it is most likely an adware/spyware (i.e. BAD) 
program.


I personally follow these rules (and a few more I've discussed in previous
emails) and I have NEVER EVER ONCE caught a virus/malware.
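
The file-type check from rule 5, automated as an added example (not part of the original message): it flags executable and double extensions and, going one step beyond the Properties dialog, compares the file's leading bytes with what its name claims. The function names, the extension list and the signature table are illustrative assumptions, and the sample message is constructed.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePath

# Extensions Windows will run when double-clicked (common subset, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".cpl"}
# Leading bytes of a file -> what the content really is.
MAGIC = [(b"MZ", "windows-executable"), (b"PK\x03\x04", "zip"),
         (b"\xd0\xcf\x11\xe0", "ole2-document"), (b"%PDF", "pdf")]
# Content each document extension is expected to hold.
EXPECTED = {".doc": "ole2-document", ".xls": "ole2-document", ".pdf": "pdf", ".zip": "zip"}

def sniff(data):
    """Classify content by its first bytes, independent of the file name."""
    return next((kind for magic, kind in MAGIC if data.startswith(magic)), "unknown")

def check_attachment(filename, data):
    """Return reasons the attachment fails the type check; empty list means it passed."""
    suffixes = [s.lower() for s in PurePath(filename).suffixes]
    ext = suffixes[-1] if suffixes else ""
    kind, reasons = sniff(data), []
    if ext in EXECUTABLE_EXTS:
        reasons.append("executable extension " + ext)
        if len(suffixes) > 1:
            reasons.append("double extension hides real type")
    elif kind == "windows-executable":
        reasons.append("content is an executable but name says " + (ext or "nothing"))
    elif ext in EXPECTED and kind != EXPECTED[ext]:
        reasons.append(ext + " file lacks the expected " + EXPECTED[ext] + " signature")
    return reasons

def check_message(raw):
    """Run the check over every attachment of a raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    return {part.get_filename() or "": check_attachment(part.get_filename() or "",
            part.get_payload(decode=True) or b"") for part in msg.iter_attachments()}

def sample_message():
    """Constructed test message; the attachment bytes are harmless stubs."""
    msg = EmailMessage()
    msg["From"], msg["Subject"] = "someone.you.know@example.com", "document"
    msg.set_content("see attached")
    for name, body in [("notes.doc", b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + bytes(8)),
                       ("invoice.doc.exe", b"MZ" + bytes(14)),
                       ("photo.doc", b"MZ" + bytes(14))]:
        msg.add_attachment(body, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reasons in check_message(sample_message()).items():
        print(name, "->", reasons or "type matches name")
```

A file that passes this check is not thereby safe; as in rule 5, it should still be scanned before it is opened.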

