Virus woes

Our hospital mail servers are being hit pretty hard with a nefarious virus that claims to be from the networking team. It's making email unpleasantly slow.

The first message I got came from the hospital-wide broadcast email address, just a :-) in the subject, "I don't bite! Password: 53321" and an attachment masquerading as a zip file. Naturally the first thing I did was delete the message, since didn't even remotely resemble anything that typically comes from the broadcast email address. Apparently, others did not think about the message as much and now chaos is ensuing.

There's also been a similar one claiming to be from the IT group about accounts being deactivated.

Subject: E-mail account disabling warning. Dear user of xxxxxxx gateway e-mail server, We warn you about some attacks on your e-mail account. Your computer may contain viruses, in order to keep your computer and e-mail account safe, please, follow the instructions. Advanced details can be found in attached file. In order to read the attach you have to use the following password: 35151. Best wishes, The xxxxxxxx team

So I've been getting about 4 or 5 emails every minute from various people I've never heard of on campus. Ironically, most of the messages aren't propagated by the virus...instead they're coming from people responding to the initial virus message saying stuff like "Why am I getting this", and people responding with stuff like "I don't know why I'm getting this either". Then these people click "Reply to all", so not only does the original sender get a response, but the entire hospital has to see the same message too, since the broadcast email address was in the From header.

So now hospital email (Groupwise) is all but useless because the mail server is bogged down with virus email, people responding to virus email and people responding to people responding to virus email.