Recently, the Office of Information Technology (OIT) has received an increasing number of reports of suspicious and nefarious activities by no-name antivirus services, similar to this:
Joe User obtains a new (or newly-installed) computer. With the intention of keeping his computer safe from viruses, Joe installs a lesser known or no-name antivirus software he has found on the Internet. Shortly after that, Joe's computer starts to crash, while messages pop up to "call the antivirus software company help line." Joe makes the call, follows the help line instructions, and one or more of these situations occur:
- Someone takes remote control of the computer and shows the Joe various signs of "hacks" or "intrusions."
- Someone takes remote control of the computer and performs operations of which Joe is unaware.
- The so-called "help line" asks Joe for various other types of information, such as his U of MN Internet ID, password, and/or other personal data.
OIT RecommendationsDo not install no-name, unknown antivirus software on either University-owned or personal computers. Instead, consider using Symantec antivirus software, available at no charge to current students, faculty, and staff. University faculty and staff should consult their department's technical staff about which security package they should use on University-owned computers. If you need help installing the software, drop by any of the OIT Tech Stop locations for assistance at no charge.
Do not run your computer as "administrator." (This is the policy for University systems.) A separate, standard, user-level account is recommended for daily tasks such as email and web surfing. Use of the administrative level account must be limited to those actions which require administrative access (e.g., installing software, new hardware).
See University Policy Securing Private Data, Computers, and Other Electronic Devices for additional information on securing your computer.