Viruses, Phishing & Spam
Sophos AntiVirus and Update Feature
Drexel distributes Sophos Endpoint Antivirus software via our secure software server through the Downloads and Computers section of this website. You need to install this software and keep it up to date on each computer you use whether on campus or at home. The software contains a continuous update feature that gives you anti-virus updates over the network. Sophos' default interval is 10 minutes; you can change the interval through the Sophos software and/or manually choose update during a virus crisis. Since there are thousands of viruses in circulation, and it is not practical to mass email the entire community every time another virus is released, the scheduled Update feature is essential to virus protection. Use the instructions we have provided at this webpage to configure your antivirus update.
Users who ignore the anti-virus protection measures provided place themselves at serious risk for receiving and spreading viruses throughout the network. IRT will disable any account or network port which is the source of or cause of proliferation of a virus until we can be sure the infected computer has been cleaned and no longer poses a threat to email or the network service. This may mean loss of service to individuals whose computers are infected and to the larger community of users who share the network.
Phishing is attempting to acquire information through email (and sometimes, indirectly, money) such as usernames, passwords, and credit card details by masquerading as a web or email administrator, a bank, an Internet provider or an individual. Phishing email masquerades as someone known to the recipient. At Drexel our mail servers are configured to identify potential phishing mail and tag them with [PHISHING:XXXXXX]. Users must take careful precautions when receiving messages tagged this way. Legitimate companies and organizations, including Drexel, will not ever ask for your userid and password to be sent via an email.
- You should never open an email message or click a link in an instant message — even from someone you know — if you see several messages from different people with the same or similar subject line. Such repetitive messages are a good sign that you're looking at a virus that is spreading via email.
- There are some kinds of attachments that should never be opened. You need to look at BOTH the name of the file and the icon (if your mail program shows one). File names that end in ".EXE" ".VBS" ".VBE" ".COM" ".JS" ".HTA" ".REG" ".WSE" ".SHS" ".SHB" ".SCR", are program files and should be deleted without opening them. If the icon looks like a program icon, a window, or a blue or yellow scroll, delete the file; these are programs, too.
- The university's anti-virus gateway protects mail coming to "@drexel.edu" addresses only. If you have an email account provided by someone else (departmental server, Yahoo!, Hotmail, etc.) our gateway can't protect you. We prefer that, while connected to the campus network, you not access attachments from off-campus email servers.
For further information, visit the IRT website at http://www.drexel.edu/irt or http://www.sophos.com/en-us/threat-center.aspx. If you have any questions regarding the use of Antivirus software or need further assistance, call the IRT Drexel Helpdesk at 215-895-2020.