Email Scam Spreads Viruses
June 20, 2005
(June 20, 2005) Some emails that appear to originate from the Association of Fundraising Professionals (AFP) using the "afpnet.org" extension have been found to contain a virus in the accompanying attachment.
These emails are not sent by AFP, but have either been sent through viruses or are distributed by scam artists in hopes of obtaining credit card information, Social Security numbers and other sensitive data.
AFP encourages members to update their virus protection software often; to not open any attachments if they don't know what it is, even from AFP employees; and to not respond to requests that seem to come from AFP that directs members to a web-based page to update information on credit cards, Social Security numbers, etc. AFP doesn't collect that information via email!
The only time a member would give AFP credit card information is when they initiate a transaction - to donate, join or renew their membership, register for an event, purchase a product, etc. AFP does use third-party providers for some services but those providers are officially linked to the AFP website.
AFP will ask members from time to time to update address and other contact information, and demographics, but never Social Security numbers, credit card information, etc. If members want to verify that a web page asking for update information is legitimate, they should look at the address. It should be "www.afpnet.org" or "reports.afpnet.org" or "portal.afpnet.org."
AFP encourages all members to be diligent in their email security practices. McAfee, the Internet security software company, provides these email virus tips on its website:
- Do not open any files attached to an email from an unknown, suspicious or untrustworthy source.
- Do not open any files attached to an email unless you know what it is, even if it appears to come from a dear friend or someone you know. Some viruses can replicate themselves and spread through email. Better to be safe than sorry and confirm that they really sent it.
- Do not open any files attached to an email if the subject line is questionable or unexpected. If the need to do so is there, always save the file to a floppy disk before opening the file.
- Do not download any files from strangers.
- Exercise caution when downloading files from the Internet. Ensure that the source is a legitimate and reputable one. Verify that an anti-virus program checks the files on the download site. If you're uncertain, don't download the file at all or download the file to a floppy and test it with your own anti-virus software.
- Update your anti-virus software regularly. Over 500 viruses are discovered each month, so you'll want to be protected. These updates should be at the least the products virus signature files. You may also need to update the product's scanning engine as well.
- Back up your files on a regular basis. If a virus destroys your files, at least you can replace them with your back-up copy. You should store your backup copy in a separate location from your work files, one that is preferably not on your computer.
- When in doubt, always err on the side of caution and do not open, download or execute any files or email attachments. Not executing is the more important of these caveats. Check with your product vendors for updates which include those for your operating system web browser and email.