E-mail Spoofing Affecting Businesses Nationwide

If your business has not been hit with a virus attack yet, count yourself lucky. The spread of e-mail viruses continue to be an upward trend. These viruses can be identified by various names, such as w32/mydoom@mmand, w32/mydoom@mm and worm_mimail.R, with infected file attachments of various types and a wide variety of obviously suspicious e-mail subject lines (such as "Thanks" or "Hi" or "Test"). Some are disguised as undeliverable message notices directing unsuspecting users to open the infected attachments.

Recently, many businesses and PC users had their e-mail addresses "spoofed." E-mail spoofing occurs when hackers configure their e-mail client to make messages appear as if they are coming from someone or somewhere they are not. This hides the identity of the original sender and can make it hard to track him or her down. The e-mail message usually contains some sort of virus.

E-mail security must remain a high priority for every business. The Better Business Bureau suggests your business take the following security measures to help guard your computer systems from viruses:

• Install anti-virus protection software on all of your computers. Scan your computer systems for viruses on a regular basis. Never disable antivirus software and check frequently with your software provider for virus updates.
• Equip your computers with firewalls, which can be purchased at most computer stores nationwide. Firewalls are gatekeepers made of hardware and/or software that protect a computer network by shutting out unauthorized people and letting others go only to the areas they have privileges to use.
  Firewalls should be installed at every point where the computer system comes in contact with other networks - including the Internet, a separate local area network at a customer's site or a telephone company switch. And, check to make certain your Internet Service Provider has filters to help keep out intruders.
• Download and install security "patches." Most software vendors release updates and patches to their software to correct bugs that might allow a malicious person to attach your computer. Check your software vendors' web sites for new security patches and download and install them on a regular basis. Or you may choose to use the new automated patching features that perform these tasks for you.
• Back up your computer data on a regular basis, at least weekly. Small amounts of data can be backed up on floppy disks and larger amounts on CDs. If you have access to a network, save copies of your data on another computer in the network. Make sure your employees know to do weekly backups of all their important data.
• Regularly check for suspicious activity. Almost all firewalls, encryption programs and password schemes include an auditing function that records activities on the network. Businesses should regularly check logging data and audit trails to look for unusual or suspicious activity.
• Be aware of file-sharing risks. Your computer operating system may allow other computers on a network, including the Internet, to access the hard-drive of your computer in order to "share files." This can lead to virus invasions or competitors being able to look at the files on your computer. Unless you really need this ability, turn off the file sharing. At the very least, do not share access to your computer with strangers!
• Educate your employees. Develop and enforce a company-wide computer and physical security policy, one that instructs employees: not to open e-mail from unknown sources, what to do when they receive suspicious e-mails (when in doubt, delete!), to disconnect from the Internet when not online, to consider the risks of file-sharing, how to perform data back-up procedures and actions to take if their computer becomes infected. Brief employees and management regularly on these policies, new security threats, corrective measures and incident reporting procedures.
• In addition, many businesses might want to consider purchasing encryption software. Even if an intruder manages to break through a firewall, the data on a network can be made safe if it is encrypted. You can purchase stand-alone encryption packages to work with individual applications, in addition to the good encryption software that is in the public domain.

This report is general in nature and not intended as a reliability report on any company, service or product.