Skip to Navigation | Skip to Content

August 2009

« June 2009 | Main | September 2009 »

August 28, 2009

Symantec Antivirus Incompatible with Snow Leopard

During testing, ITS has noticed that Symantec Antivirus 10.2 for Mac is incompatible with the latest Mac operating system Snow Leopard. We have been working with Symantec on a solution and hope to publish a fix in the coming days.

In the meantime, if you are running Mac OS X 10.5 Leopard and wish to upgrade to OS X 10.6 Snow Leopard, you should first uninstall Symantec Antivirus. To uninstall Symantec Antivirus, download SAV 10 for Mac (login required), navigate into the disk image, open the "Support" folder and select "Symantec Uninstaller" app. When prompted, place a check next to all Symantec products to be uninstalled and hit continue. When the uninstall has completed, quit the application from the Apple menu bar.

If you just purchased a brand new Mac computer with Snow Leopard pre-installed, do not install Symantec Antivirus 10.2 for Mac. If you do install Symantec Antivirus 10.2 for Mac, follow the instructions above to uninstall.

Important: Without antivirus protection, your computer may be highly vulnerable to network attacks. Macs, while not known for having many computer viruses, are becoming a bigger target for attackers and are not invulnerable. Antivirus software should always be installed and kept up-to-date on any computer.

We will soon be publishing a solution to this software incompatibility on the ITS Security Software page, which can be accessed from the "Ask ITS" button inside of NYU Home. While Symantec works on a solution, please remember to adhere to security best practices and visit often this ITS News page for the latest information on this matter.

August 21, 2009

DGTFX Webmail Phishing Scam

TSS has received several reports about an ongoing phishing scam targeting the NYU community. The message claims the "the virus DGTFX has been detected in your folder" and that the recepient must provide their password information in order to "upgrade" to the "secured DGTFX anti-virus 2009 to prevent damages to webmail logs". The fraudulent message requests that the recipient reply back to non-NYU email accounts, and in this case, an " @ns.sympatico.ca " email address. Below is a copy of the scam:


Example


From: nyu.edu Web-Team [mailto:XXXXXXXXX@ns.sympatico.ca]
Sent: Friday, August 21, 2009 5:35 AM
To: user@nyu.edu
Subject: Warning Notice!!!

A DGTFX virus has been detected in your folders Your email account has to be upgraded to our new Secured DGTFX anti-virus 2009 version to prevent damages to our webmail log and your important files.

Click your reply tab, Fill the columns below and send back or your email account will be terminated immediately to avoid spread of the virus.

NET ID:
PASSWORD:
PHONE NUMBER:
DATE OF BIRTH:

webmail.nyu.edu - Webmail Technical Team

Note that your password will be encrypted with 1024-bit RSA keys for your password safety to avoid any unauthorized user.




NYU community members should NEVER REPLY TO ANY email that requests the recipient's email login name and password. Instead, forward phishing messages as an attachment to our email filtering account phishing@nyu.edu. Doing so trains our email filters to prevent such types of spam from arriving into inboxes.

Please note: It is very important to forward the message as an attachment, otherwise our email filters will not be able to parse through the message correctly.

As a reminder of better security practices, always remember that:

  • No NYU community member will ever ask for your account password, especially not over email.
  • Do not reply back to emails from unidentified, untrusted sources.
  • Forward all phishing messages as an attachment to phishing@nyu.edu. This helps train our email filters to block such messages in the future.
  • Messages that request personal information over plaintext email should be regarded as being suspicious. If it is spam, forward it to is.spam@nyu.edu. When in doubt, do not reply and contact security@nyu.edu.
  • If a message informs you of an impending "account closure" unless you comply with its demands, it is often a sign that the message is a phishing scam. Do not comply with its requests.

The following sites also provide several useful tips on defending against these types of phishing attacks: