CIT has been notified of increased activity of the W32/Cekar worm and its variants in the wild. The worm appears to rely on social engineering tactics that lure users into clicking links contained in SPAM emails. These links will direct the browser to malicious websites to infect the server or PC. An infected host may download additional trojans, and upload sensitive information like usernames and passwords.
Symptoms may include:
- Network slowness
- Computer slowness
- Browser re-direction
Some examples of browser re-directions include:
- Entering www.NIH.gov in your browser's address bar takes you to www.bad_website.com,
- Clicking on one of your favorites that normally takes you to www.NIH.gov instead takes you to www.bad_website.com,
- Clicking on a link on an NIH website takes you to an unexpected website.
Do not click on any links contained in:
- Emails that you receive from an unknown sender.
- Unexpected emails that ask you to verify or cancel information.
If you are unsure of the validity of an email or its sender, contact the service or sender by phone, and delete the email.
If you have any problems such as extreme slowness, applications not running, or you get redirected to a different web site while using your web browser, please contact the NIH help desk at 301-496-4357.
