The Importance of Keeping your PC Secure - a Tale of Warning

We have had a recent issue here at Apex Digital that we thought demonstrates the importance of keeping your Personal Computer protected against viruses and other security vulnerabilities and the implications of not doing so.

We noticed, on a Saturday morning, that there was a lot of email traffic going via our mail server and so we started investigating the source. It turned out that the mail was all being sent from a single client that we would not have expected to have been sending out a lot of email. Further investigation showed that the mail was all spam and that a huge volume was being sent out to seemingly random addresses.

We took immediate steps to stop any more email being sent from this client by suspending that particular email account. Unfortunately several hours had passed and something like a million emails had been sent out. The spam attack had also triggered Yahoo, Google and a few other mail services 'Black Lists' meaning that all users on our server had been temporarily blocked from sending email. There were also nearly half a million deferred emails sitting on our server waiting to be sent which was causing email delays for all clients.

We immediately commenced work to unpick the damage done and reinstate the trust of our mail server. Unfortunately this process is entirely manual and can take a lot of time and effort to explain what has happened, what you have done to fix it and what you have done to stop it happening again, and in the meantime clients can’t send email to some recipients. It took nearly a week to get our Server IP address unblocked for Gmail recipients.

We spoke to the client, who was completely unaware of the issue, we were satisfied that he was not in the habit of sharing his email account with anyone or sending spam. We were also satisfied with the complexity of the client password. We then started trying to figure out how someone had been able to use this clients email account. Before we would allow him to start using our server again, we checked what Antivirus he was using and made him run a full scan of his computer  - nothing was found. Not satisfied with that, and with the imminent danger of a recurrence, we would not allow the client access to their email account. Instead we sent the client another tool to scan their computer and sure enough it uncovered a key logger Trojan hiding on the clients computer. This is how a hacker had been able to determine the clients password and hack their email account.

Our mail server had ground to a virtual standstill not to mention the cost of tens of hours of Systems Administration time in diagnosing and unpicking the damage, all because one computer, for one client, on one website had become infected by a virus. The client was completely unaware and had taken reasonable steps to secure his computer with antivirus software.

Our advice would be not to rely on just one Antivirus product. There are some very good free ones out there (e.g. Windows Security Essentials, Malware Bytes, AVG.) We recommend you have at least two installed on every PC. The cost of not doing so can have much wider consequences than just inconvenience for the PC owner.