I had a call today from someone in a local council – a confused someone. They’d received some email from email@example.com. Thinking that “gov.uk” sounded important, they checked the website www.gov.uk and found that it was ours – the ukonline main site. So the mail must be legitimate they thought. It contained a solicitation to open the attachment and complete the details in the enclosed form to avoid any problems with their “account”. Naturally, this was a pile of rubbish and in the attachment was an executable that hijacked their network and has sent out god knows how many emails to all and sundry.
I sympathise with what occurred at this council – but it proves that the education process is not sufficient yet. If we’re going to eradicate viruses then everyone needs to make the investment in good software to counter them. The idea that a council or corporation would have an open network, today, with no anti-virus defies belief.
My own mail provider religiously notifies me of all the viruses it has stopped – I’d much rather it didn’t, after all, a mail telling me that I didn’t get a virus still clogs up the mail system, counts as spam in my book and is really only ego-mail for the provider so that they can tell me that they are looking after me. But, if that’s the price of not getting viruses, I’ll pay it for now.