Student, faculty and staff computers throughout Grounds recently have come under attack from a mass-mailing worm, spread through e-mails claiming to be from the popular online billing service PayPal.com.
According to Mark Smith, manager of desktop computing support for ITC, his office first announced the worm's presence through an online message posted Nov. 18.
The e-mail, which includes an attachment, warns recipients that their Pay Pal accounts "will be expiring within five business days" unless they utilize the attached the program to "update their account settings with their personal information."
Smith said if a person opens the attachment the worm "steals the privacy of other people who you communicate with on some basis" by seeking out all of the e-mail addresses saved on a person's computer and attaching itself to them in order to spread. He added that if a person submits their personal information via the attached program, which includes form lines requesting credit card and social security number information, they are at risk of having that data stolen for illegal purposes.
"That form is asking for everything I know my bank asks to identify me," Smith said.
Ironically, the e-mail says the account holders' actions are necessary "because we are implementing a new security policy on our Web site to insure everyone's absolute privacy."
According to a recording from Pay Pal's customer service number, "Pay Pal will never send you an attachment or software update to install on your computer."
Smith said he is uncertain at present where personal information could be being sent via the attached program, but said because he feels it necessary to consider the worst case scenario, acknowledged that identify theft could follow use of the program.
"I don't want to set off a panic on this one and it's really easy to panic on this one," he said. "Could identity theft happen? There's enough information to try it."
Smith said the ITC Web site provides a link to detailed instructions for removing the worm component of the e-mail, but suggested that those persons who have submitted their personal information might want to contact their credit card provider, for example, in order to prevent larger problems.
Second-year Engineering student Ewen Cheslack-Postava, who said he has received around 30 of the e-mails, said he was perturbed by the fact that his computer was flooded with e-mails due to others' incompetence in identifying a potentially virus laden e-mail.
"It bothers me because I know I can recognize it when something is a virus e-mail and it seems stupid that other people can't," Cheslack-Postava said.
Second-year College student Eric Cunningham agreed that the e-mails are an irksome addition to his mailbox.
"It's more of a hassle than anything," Cunningham said. "You have to go through and delete all these e-mails and you're also wary of e-mails from anyone you don't know."
Although Smith said at present there is nothing to make ITC believe the virus is capable of destroying anyone's personal files or hard drive, he added that ITC will remain vigilant.
"There's always the possibility that there's something hidden that will trigger later," he said.
Read More
U.Va. Faculty Senate overwhelmingly adopts a no confidence vote in Board of Visitors
By Xander Tilock | 15 hours ago"The Faculty Senate expresses no confidence in the Board of Visitors for not protecting the University and its president from outside interference," the resolution read.
Faculty Senate Executives hear from Rector Sheridan and Vice Rector Wilkinson
By Xander Tilock and Grace Traxler | YesterdayRectors were in attendance for part of Wednesday’s emergency meeting and were asked about the interim president selection process.
Student leaders weigh the future of self-governance after Ryan's departure
By Brendon Bordwine | 2 days agoThe University has a historical tradition of student self-governance, which allows students to take part in decision-making processes.
