July 21, 2004
To: UCOP Personnel
From: Patrimpas Prapuolenis, Manager, IR&C Desktop Computing Services
Over the last couple of days, UCOP personnel have been receiving fake
e-mail messages from "spoofed" UCOP addresses. Many of the
messages are accompanied by virus-infected attachments in the form
of compressed, or "zipped," files. Many of these .ZIP files
claim to be password-protected; the e-mail also may contain an image
file that purports to provide the password.
If infected .ZIP files are not password protected, they
are identified by UCOP's server-based virus-scanning process and deleted,
thus rendering the e-mails harmless. If infected .ZIP files are
password-protected, they cannot be successfully scanned and identified
as viruses; they are therefore delivered to the recipient. Unless
we block all .ZIP files--many of which are legitimate attachments--we
cannot stop these virus-infected attachments from being delivered.
Because the password-protected .ZIP files are likely to contain
viruses, it is critical that you do not open them . If you
inadvertently open one, please immediately inform your departmental
PC Coordinator. Also, do not forward the messages and attachments
to anyone. If you believe you have received a legitimate .ZIP file,
you may wish to contact the sender for verification before opening
it. If you have questions or concerns, please contact IR&C Desktop
Computing Services at 987-0457.