As always, think before you click! With any email message you receive, think twice before clicking on any links that it contains, even if it appears to come from someone you know.

Facebook Threat

“Hey, I have this hilarious video of you dancing. Your face is so red. You should check it out.”
If you’ve received an email message like this through Facebook or MySpace, you may have been exposed to the “Koobface” virus. This virus is traveling through email that appears to be coming from your friends on Facebook and invites you to click on a link and see a video. If you click on this link, you are prompted to update your Flash player before the video can be displayed. Then the virus hits, wreaking havoc with your computer.

Sources:

• The Facebook Virus Spreads: No Social Network is Safe (ReadWriteWeb)
• Facebook Virus Turns Your Computer into a Zombie (PC World, December 5, 2008)
• Techcrunch, December 5, 2008

UPS Alert

UPS has issued a warning about a new computer virus circulating as an attachment to emails that appear to come from them. The bogus emails, with titles such as “UPS Delivery Failure” or “Your Tracking #,” claim that a parcel was undeliverable due to an incorrect mailing address. You are then instructed to open an attachment containing a copy of the invoice. The attachment actually contains a virus which can infect your computer.

Source: UPS Virus Warning (About.com)

New phone phishing scam circulating

WVU faculty, staff, students and others are receiving fraudulent phone calls claiming to originate from the WVU Employees Federal Credit Union.

The random calls are made after hours to personal cell and land-line phones, including unlisted phone numbers. An automated voice informs call recipients that their debit card or account “has been suspended” and directs them to call a number.  Do not call the number. The credit union never contacts its members through obscure voice mails.

For more information, go to http://www.wvucu.com/securityInfo.html or contact the WVU OIT Help Desk at 293-4444 or http://oit.wvu.edu/helpdesk/.

The other phishing scam involved Citi cardholders.  State of WV Purchasing cards happen to be Citi cards, so the WVU PCard Administration sent out the following note:

Please advise your cardholders if they receive a phone call from vendors or Citibank, do not respond.  Should the bank put a block on a card, our office will be notified by State Office and we will notify the DCC who can then verify with the cardholder whether to call the fraud department at Citi.

There has been a lot of fraud lately and calls to cardholders.

Never give out personal information or card information.

If you have any questions, please do not hesitate to contact our office.

Thanks!

‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
PCard Administrative Services

THEN this afternoon we got hit with another one.  This one actually downloads a virus to your PC.  [BTW It's a .exe virus, so it only effects Windows.]  Here is what we posted about that:

WARNING: Greeting Card Email

(August 14, 2008) A new email is showing up this afternoon in WVU GroupWise email accounts telling users they have received a greeting card.  Do not open this email. The link within the message actually downloads a virus to the user’s PC.

The OIT Help Desk has been informed of this problem and is advising users to simply delete the email if they see a message with a subject line of ” You’ve received a greeting ecard.”

If you have any questions or concerns, please contact the OIT Help Desk at 304-293-4444 or email oithelp@mail.wvu.edu.

Greeting Card Email – How to Identify that it is spam

So today was pretty eventful. Please remember to be selective about what links you actually click on from emails you receive.  Generally it is preferable to visit the website directly rather than use an emailed link.

So…Be vigilant!  Here are some links we have you might want to take note of:

• OIT News and Announcements – This is our main conduit of information from OIT.  You can subscribe to the RSS feed and be notified immediately when we post something new.  Keep in mind though that the email version of our RSS is a daily digest, so the posts are only delivered once per day.
• Technology Resouces: Spam and Phishing
• Technology Resources: Computer Security Updates & Information
• WVU Information Security Office