Message: Early yesterday a new worm variant started spreading yesterday named Bagle.J. This worm has a relatively high degree of sophistication in its attempt to propagate. It will pretend to be from something like email@example.com or firstname.lastname@example.org and claim some action had to be taken against the recipient. It claims further details about the incident are in the zipped attachment which is password protected. This is the virus and under no circumstances should it be opened. Two things should be remembered when dealing with suspicious emails:
Always keep your anti-virus up-to-date. If you are using the University's Trend Micro Antivirus product, the updates happen automatically. If you are using another commercial product, be sure to check that it updates frequently - at least once a day.
Never open attachments that you weren't expecting without at least verifying they were legitimate. This can involve either e-mailing back the sender and asking, calling the sender, or some other means of verification. In the case of anything claiming to be from email@example.com or something similar, you can always call the ITS Center at 5-2000.
Due to a high volume of worm activity on the ResNet network, ITS and ResNet have agreed to block SMTP (port 25) until the worm is brought under control. Users may experience problems sending email through outlook or eudora. They will still be able to recieve email throuh their mail.rochester.edu address, and can still send email through the webmail program.