Nov. 5, 2013: pantherLINK Email Attachment Removal

Given the severity of malicious email virus attacks, .exe and compressed file attachments intended for delivery to your pantherLINK email account are being removed. This includes email sent from non-pantherLINK accounts, email clients and from pantherLISTs.

What file types are being removed? All .exe and compressed file attachments are being removed. The most common compressed files are .zip and .exe files. Other files affected include .odt, .pages, .kmz, .spv, .xml, .notebook, .xps, .rar, .celtx, .matkey, .numbers, .apk. Inb

Why has this happened? Recently UWM e-mail accounts were the target of a vicious email virus contained in .exe and compressed file email attachments. When the recipient opens the suspect .exe or compressed file attachment, a malicious virus is activated that encrypts the recipient’s files and all files on drives to which the individual has access. This includes shared file drives and attached external drives. There is no way for UWM to unencrypt these files.

What is being done? If a .exe or compressed file attachment has been removed, the pantherLINK account holder will see the following:

Subject Line Modification: **Info Security Alert: Attachment(s) Removed ** (followed by ORIGINAL SUBJECT)

At end of email text:

Info Security Alert: A compressed or executable file attachment was removed from this email message. If you have questions, contact the UWM Help Desk at 414-229-4040 or toll-free 877-381-3459.

What should you do?

Do NOT open any . exe or compressed email file attachments. All .exe and compressed files should be considered suspect, even those that appear to be from a legitimate pantherLINK email account because of the possibility that a legitimate email address has been hijacked for malicious use. Do not reply to the email. Contact the sender via a known email address or phone to ensure the attachment is legitimate.

Do not respond to ransom demands to recover your files. If your computer is infected with this malicious virus, you will receive a notice demanding a ransom to unencrypt your files. University funds cannot be used for illegal activities, including ransom demands. You should also not use your personal funds, as it will not guarantee recovery of your files and may set you up as a “target” for future attacks.

Back up your electronic files. Use pantherFILE, or another campus-supported file storage system to back up your most important files.

Use a pantherFILE link to provide access to .exe and .compressed files. If you need to provide access to an electronic file, upload the file to your pantherFILE space. Then provide access to the file by giving permission and sharing the link. The intended recipient can then be assured that the file is safe to open. Step-by-step instructions are available online at LearnTechNow.uwm.edu.

Questions? Concerns?
Contact the UWM Help Desk at 414-229-4040; toll-free at 877-381-3459 or use the online form at GetTechHelp.uwm.edu.