Fighting viruses and spam
What the UW is doing
- Scanning and monitoring
- Most email going to and from the UW is scanned by programs that identify messages that carry viruses and rate the likelihood that a message is junk mail or “spam” (they give each message a spam score).
- Because of the massive volume of spam, these programs automatically filter out and reject all inbound and outbound messages with a spam score equal to or greater than 70 (inbound) and 95 (outbound) (out of a possible maximum score of 100).
- Certain types of attachments to messages are automatically removed because they are frequently used as a way to deliver malicious software (malware) to computers.
- Email relayed through the UW’s central email servers is scanned for viruses. Any infected email message is discarded, and no notification is sent to the sender or the recipient.
What you can do
- Report suspicious email
- If you receive a message that you think is potentially malicious, such as a message from a bank asking you to login and change your password, follow these steps:
- DO NOT click on any links in the message nor respond to the message.
- Identify the message as spam vs. phishing:
- Spam is unsolicited email, typically sent to a widespread audience, that is usually from someone who is trying to get you to buy something.
- A phishing email is a type of spam in which the sender tries to get you take a specific action, such as clicking on a link, entering your UW NetID credentials, or downloading an attachment
- If you receive an email you suspect is phishing, in which someone is trying to get you to download an attachment or enter your UW NetID and password onto a fake web page, send the email as an attachment to email@example.com.
- If you receive an email you suspect is spam, in which someone tries to sell you a product (such as cheap medication), send the email as an attachment to firstname.lastname@example.org.
Doing so will help UW email managers better configure our systems to recognize and filter out such messages. The message will also be reported to industry spam and phishing tracking services. More information about spam and phishing is available from the Chief Information Security Officer (CISO):
- Filter out spam
- Unwanted email messages (spam) fill up your Inbox and often contain links to malicious sites that will try to attack your computer. Use the spam filter of your email service to minimize exposure to this hazard.
- Be skeptical
- Computer viruses and worms are programs that makes copies of themselves and infect computer files. Most viruses and some worms need your help before they can infect your computer. You can avoid helping them by doing the following:
- Do not open unexpected email attachments. Even attachments in messages from people you know may be infected because viruses often have fake “From:” addresses.
- Do not download unknown programs, such as free screensavers.
- Do not trade lots of unknown files, such as with peer-to-peer programs like Kazaa. The more unknown files you download, the more likely that some of them contain viruses or worms.
- Do not believe amazing offers and unlikely stories.
- Keep your computer clean
- It is UW policy that all computers connecting the UW networks should be well managed to minimize the chance that they will get infected. This policy applies no matter what computer you are using (office, portable, or home) and no matter how you connect (by modem from home, by wireless in a lecture hall, from your personal ISP account, or by plugging in to a wall connection on campus).
If you do get infected, it is a very serious problem:
- An infected computer is a hazard to the UW networks and other UW computers.
- You have a responsibility to promptly clean your computer.
- Your connection to UW networks will be blocked if your computer is the source of virus and worm attacks on other computers. To be able to get to the Internet again, you will have to clean your computer (probably rebuild it) and then have your connection unblocked.
- Use antivirus software
- To further protect yourself and others from viruses, UW Information Technology strongly recommends that all computers accessing UW networks and services run antivirus software. Find the Sophos antivirus program on Securing Your Computer. Be sure to regularly download and install the updated data files. New viruses are appearing constantly, and your antivirus program needs the latest data to be effective.
- Automatically update your OS and antivirus software
- Viruses and worms try to take advantage of known weaknesses in operating systems. In many cases, patches to these weaknesses are available. The safest approach is to configure your operating system to automatically install patches as they become available.
The antivirus software you use must also have current data to be able to detect the latest attacks. It is strongly recommended that you follow the instructions that come with your antivirus program to configure it to automatically update so your always have the latest data.
Sophos antivirus software for Windows and Macintosh computers is available for download to all UW faculty, staff, and students at no direct cost.