Facebook

Virus and Malicious Email Tips

Webii periodically updates this page to describe popular virus or hoax emails customers may encounter. Customers are encouraged to remain aware of these types of threats to keep their email usage safe.

Questions About Emails You May Receive

I think this email is suspicious but I’m not sure. Can I forward it to you?

No, please do not simply forward a suspicious email to us. Especially if that email contains a virus, it is dangerous to forward emails with attachments or suspicious content to someone. If you want us to review the wording of an email, please copy and paste some of the the wording and email headers into a new email and send it to us at support@webii.net Please make sure that your subject line includes your domain name or something descriptive, to help us realize it is not just spam.


The “your account is in violation” email

Description:
This type of email will often include a subject line such as “Your account is in violation” or “Your account was suspended for security reasons”, and it will ask you to open an attachment for more details. Before you assume this email was from our department, make note of the sender. It will usually be at your own domain name, such as: [admin@yourdomain.com] or [service@yourdomain.com] . If we had sent you an important email, it would have been sent from [support@webii.net or hostmaster@webii.net. Also, no legitimate provider should ever ask you to open an attachment to remedy a problem.

Action:
The safest action to take is to immediately delete the email along with it’s attachment. Then, we recommend that you run a virus scan of your computer and any other computers using email at your domain name, to be certain the virus was not sending out from your own network. If the scan turns up clean, it is also possible that someone who has your domain name in their address book was infected with this virus. In that case, that person would need to clean their computer to stop the messages from continuing.


Passwords in an attachment

Description:
This type of email will usually include a brief message stating that your “new password” is contained in an attachment, or it will instruct you to open the attachment to get a password for retrieving some important information. The sender will often be a generic address such as [admin@microsoft.com].

Action:
Delete the email immediately, unless you are absolutely certain that someone you know sent you such information in a harmless document. It is very rare that anyone would send you important and legitimate information like a password in an attachment. The attached file is most likely a harmful virus.


Zipped attachments from strangers

Description:
Viruses are now commonly sent inside of zipped up/compressed files. This is to evade the popular virus filtering tools that would recognize a virus file on its own.

Action:
If you are not expecting a zipped attachment from someone and aren’t sure what is contained in it, you should probably delete the email and its attachment. If you think you know the sender, communicate with them in a way other than email to verify they did send you a legitimate zipped file.


The “verify your bank account” email

Description:
These types of emails will appear to come from any variety of popular banks or financial services. The sender address will be forged to read something like “security@bankone.com” or “service@paypal.com”. The message will instruct the recipient to “verify” their information by clicking on a link to reenter banking or personal information. They will usually address you as “Dear Customer” or “Dear Sir” instead of by your name or unique userid. These email hoaxes are referred to as “phishing” scams.

Action:
Never click on the link in the email to follow the instructions. If you are an actual customer of that bank and need to visit your web site account with them, the best thing to do is open a browser window and type in their usual web site address to be sure you are visiting the right place. Most times, the “links” in the hoax emails are masked by images or other techniques to appear like the bank’s web site – but in fact they are unrelated urls. Providers like PayPal also forewarn customers that if they do write an email to them, they will clearly address them by name and not “customer”.


Keep in mind that these scammers send out mass emails to thousands of people without knowing if they are actually a customer of that bank. They are betting on tricking someone who does have an account with the named institution. If you are concerned about your actual financial accounts, try contacting your provider by phone to verify your details instead

If you have questions not covered in this FAQ, please contact support@webii.net.