Common sense is your best defence:

The emails appear to be important and from reputable companies, banks or government agencies. They get your attention with claims about money transfers, lawsuits, deliveries, account transactions, etc.; inspiring curiosity about what the email is about and attachment contains. They often provide some vague information and direct you to check the link or attachment for further information. Once the attachment is opened, malicious code will run and attempt to infect your PC.

How to identify a suspicious email:

There are several key points to check to identify if an email is legitimate or not.

• Check the subject
• - Are you expecting such an email?
• Check the sender’s email address
• - It may appear to be exactly the same or very similar to a legitimate company’s email address.
• - If the email address (_@companyname.com) is correct, the sender may be using email spoofing. This allows them to copy a legitimate sender’s address.
• Perform a Google search for the company the email is claiming to be from.
• - Have you heard of, worked with, contacted or have any relation to the company?
• - Is the company even based in Australia?
• Copy and paste the text from the email into a Google search
• - If the email is part of a known scam, several of the top search results may contain information from other people that have received the same email.
• The attachment is a “___.zip” file instead of “___.pdf”
• - A zip file attachment for a document such as an invoice or receipt is incredibly uncommon.
• - These types of documents are almost always sent as a “___.pdf” document.
• - A zip file can contain any types of data, such as a virus.
• The email will not address you directly
• - “Dear guest”, “Dear Customer”, “Dear Client” is used instead of your name.
• Poor grammar, spelling or syntax
• - Quite often the structure of sentences and the use of words & grammar are not quite right.

If an email looks suspicious:

Do NOT open any attachments, in particular “___.zip” file types and delete the email from your inbox.

If you are unsure about an email:

Feel free to forward the email to us at and we will inspect the email for you.

For more information about the email security, or about any general security concerns you may have, please don’t hesitate to contact us.

What does this mean?

When support ends for a product, the company responsible for the product will no longer assist in troubleshooting or resolving issues until the product is upgraded to a supported version.

What are the benefits of upgrading?

The new version of the Sophos Control Centre also brings the latest version of the Sophos Client (v9.5) which offers several improvements over the previous versions, such as expanded protection and management options to protect your desktop computers effectively.

How does this apply to me?

If any issues arise with your installation of the Sophos Control Centre (version 2.5 or older) which would normally require logging a call with Sophos for assistance with the issue, the first step that will need to be taken is to upgrade the Sophos Control Centre a supported version (currently version 4.0).

The upgrade process:

The upgrade process will take approximately 30-60 minutes to perform. The upgrade process should not interrupt work flow or the availability of the server. The server will require a reboot once the upgrade is complete.

For more information about the upgrade, or to organise a time for the upgrade to be installed on your system, please don’t hesitate to contact us.

Arriving in an email with the subject reading "Here you have" or "Just for you," the actual worm masquerades as a linked PDF. However the file doesn't actually exist, but is instead an executable file with the .scr extension. Once the worm is installed, it will attempt to download additional malware and delete local security software including anti-virus. The worm can also spread through accessible remote machines, mapped drives, and removable media via Autorun replication.

“When the code is run on your computer it tries to turn off your security software, and attempts to send one of the email messages to contacts in your address book", Sophos said. When a user chooses to manually follow the hyperlink, they will be prompted to download or execute the virus.

The email containing the malicious links reads as follows:

Hello:
This is The Document I told you about, you can find it Here.
http:///PDF_Document21.025542010.pdf
Please check it and reply as soon as possible.
Cheers,

or

Hello:
This is The Free Download Sex Movies, you can find it Here.
http:///library/SEX21.025542010.wmv
Enjoy Your Time.
Cheers,

Sophos, McAfee, Norton, and other security software firms have already updated their definitions file to prevent further damage from the "Here you have" worm.