Computer Viruses Pose an Issue for Students

Computer viruses are on the rise on campus, said David Escalante, director of computer policy and security.

This knowledge prompted the e-mail sent out to the student body by Information Technology Services (ITS) at the beginning of the spring semester.

"We sent an e-mail to the student body because we were tracking an increase in the number of people infected by ‘fake anti-virus' messages on their computers," Escalante said in an e-mail.

While the viruses are prevalent, he said, it is less of an issue now than it was in the previous five years.

Viruses of particular concern to ITS are Torpig, Koobface, and Zeus. "We are finding these by monitoring the BC network for these and other viruses' network signatures," Escalante said. All three operate by means of deceit. Torpig, for example, appears to be performing a desirable function but instead facilitates unauthorized access within the computer system.

The viruses work around anti-virus programs. "When the messages are clicked on, they actually infect your computer instead of fixing an infection, which is what they claim on your screen," he said. "We are running into multiple examples where people on campus are getting variants of these viruses not detected by McAfee or other anti-virus programs."

The Koobface virus targets the users of social networking websites, such as Facebook and Twitter. Koobface spreads by delivering Facebook messages to people who are ‘friends' of a Facebook user whose computer has already been infected. Also, Escalante said, "Zeus is especially nasty in that it steals financial info."

"We theorized that many people on campus didn't have viruses enough to recognize what a real McAfee or Sophos virus warning looked like versus a fake one," Escalante said. This theory was what prompted the e-mail.

"Hackers, spammers, identity thieves, and other cyber predators are becoming increasingly sophisticated," the e-mail read. "Their latest ploy is to exploit your desire to protect your computer. Some viruses are disguised to look like virus warnings, but when you click anywhere in the warning it actually infects your computer."

"We generally don't e-mail the campus about a security issue unless it's affecting multiple people on campus already," Escalante said. "With the e-mail, we wanted to provide useful advice to the BC community."

ITS instructed students to not click anywhere in a fake alert, to not try closing the alert, and to save any files being worked on, if a fake virus warning should appear.
"I would consider the e-mail a success," Escalante said. "We tracked a substantial increase in visits to the BC Web site explaining what legitimate virus warnings look like right after it was sent, and since that time we're not getting as many people infected by these fake anti-virus messages."