Computer viruses used to be very obvious - you'd know that your computer was infected because threatening messages would appear on your screen, or applications stopped working. Today's malware instead tries to be as secretive as possible - the goal is to get onto your machine and start stealing valuable information, not to show off programming tricks. Many of today's attacks come wrapped in a cloak of pseudo-legitimacy, appearing as a message or request for information from an official source, such as your bank, eBay, even the Humboldt State University Technology Help Desk.
HSU's support team does not send information about system upgrades or patches via email. Your bank won't ask for your password via email, nor will it ask you to log in to your account and change your password. So if you receive an email asking for information that you would consider confidential (social security number, HSU or online banking passwords, for example), or with an attachment you didn't request, contact the sender by phone to check the legitimacy of the message. Check out these real examples of phishing mails sent to HSU.
A note on email attachments
Because certain file types are commonly used to transmit malware, those types of file may not be sent over the HSU email system as an attachment to a message. It's best to use SFTP to upload those files to your Network Folder to transfer them to someone else on campus. If you attempt to send an unsafe attachment via email, you'll see an error message similar to the following:
HSU has a campus-wide license agreement for Microsoft's System Center Endpoint Protection, so all HSU-owned computers are automatically protected. Student, staff, and faculty personally-owned computers are protected until April 2014 under the terms of HSU's previous campus-wide license for Sophos Antivirus.
Any of these antivirus programs is approved for use on devices connecting to HSU networks.