Spike in virus infected emails – take extra care

We’ve seen a sharp increase today in new virus variants getting through to email users due to the speed at which they’re evolving to avoid detection.

Identical messages can arrive sometimes minutes apart but already containing different variants of the virus, making it a game of cat and mouse for the security vendors to keep up.

The fake Amazon order confirmation complete with suspicious-looking ZIP file is the one we’ve heard a lot of reports about but I should stress these emails change by the minute so it’s worth just thinking twice before you click links or open anything resembling an attachment.

I think I might have an infected file, what should I do?

I recommend your first step to check whether the file is actually infected, is to check whether it’s known about by any of the leading antivirus vendors.

A good place to do this is on the Virus Total website 

If you’re using an Alt-N product, so MDaemon Messaging Server or SecurityGateway for Exchange, you’ll be using either ClamAV or Kaspersky, or perhaps both dependent upon which plug-ins you’ve purchased.

We obviously hope that as a result you won’t be seeing any of these, we think those engines are particularly good, however it is possible given the speed at which these threats change.

In the unlikely event you do suspect you’ve received an infected email or ‘false negative’ as they’re know, please alert Alt-N Technologies by sending a copy of the entire email to virusfn@altn.com

We would also recommend that you contact the relevant AV provider directly by using the following procedures:

ClamAV

Visit the ClamAV ‘Submit Malware’ page here, fill in the form and upload a copy of the suspicious file you have received.

Kaspersky Antivirus

Step 1: Put the suspected virus in a new password-protected zip or rar file
            (we recommend 7zip to do this)

Step 2: Compose an email message with a short description and attach the zip file.

Step 3: Include the password in the body/subject of the email.

Step 4: Send the zip/rar file to newvirus@kaspersky.com

I think my server is probably unprotected, what should I do?

If you don’t currently have adequate security protection for your MDaemon or Exchange server, you may wish to download the free 30-day trials of the SecurityPlus plug-in or SecurityGateway and ProtectionPlus respectively.

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

Zen Software logo       Try any of our software completely free for 30-days:

MDaemon email server  |   BackupAssist   |   MailStore email archiver

Let us know what you think....

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s