Sophos wishes all its customers a happy new year, and to reduce
the risk of virus attack in 2002 recommends businesses consider the
Subscribe to Sophos's email
notification list for information about new viruses discovered
in the wild. You will be emailed with details of how to protect
yourself against the latest threats as they emerge.
Subscribe to Microsoft's security bulletin mailing list.
As security vulnerabilities and loopholes are found in Microsoft
applications and operating systems you will be informed of how best
to protect your company against them. Viruses which have exploited
loopholes in Microsoft software in the past include VBS/Kakworm,
Code Red and Nimda. It is important that these patches are applied
by your organisation across all vulnerable computers.
Block dangerous file types at your email gateway from entering
your organisation. Few companies will have a legitimate need for
file types such as VBS, EXE, SHS etc to be emailed into their
company from the outside world. Blocking them at the gateway can
help prevent infection from future viruses as well as many existing
viruses. Stopping files with more than one extension (for instance,
LOVE-LETTER-FOR-YOU.TXT.VBS or ANNAKOURNIKOVA.JPG.VBS) from
entering your company may also be a good idea. More details on this
and other safe computing tips can be found in Guidelines for safer
Raise awareness of the virus threat amongst your users, and
educate staff to be suspicious of unsolicited email attachments,
even if they appear to come from a friend or colleague. If you
receive an email written in an unusual way, or containing a file
type you do not regularly exchange, then your staff should be
suspicious and be wary of double-clicking on it.
Sophos provides a number of resources to aid system
administrators who wish to educate their users about the virus
threat, including the Sophos virus
information feed and the book Computer viruses
1Computer viruses demystified was renamed
Viruses and spam:
what you need to know in 2004 when the book was updated and
expanded to include information on spam, mobile phone threats,
phishing and spyware.