Email Virus Circulating at U-M

January 26, 2015, update: UMHS computer virus: What you need to know


January 23, 2015, update: UMHS update on computer virus alert


January 22, 2015: There is an email message circulating at U-M with an attachment containing malware. Many people received email messages this morning (1/22/15) with these characteristics:

  • A subject line of, "You have received a new fa."
  • An attached .zip file called "fax-message 921497.zip."
  • Some of the messages may have been from U-M email addresses.

Anyone who receives one of these messages should delete it and not open the zip file attached. The zip file contains a virus. Opening the attachment results in an infected, compromised computer.

IIA believes that M+Google users are protected from this virus, because Google Mail detected the malware and put messages with the virus into Spam or Trash folders.

Other mail systems in use at the university, such as U-M Health System (UMHS) Exchange allowed some messages with the virus to be delivered. UMHS has warned its faculty and staff about the virus, and Medical Center Information Technology (MCIT) staff members are working on a resolution to this issue.

Be aware that this virus is not limited to the university and that it will likely change over time. We are beginning to see media reports about it elsewhere:

Anyone who opened the attachment should disconnect their computer from the network and contact their IT support staff for assistance. Please remind the users you support not to open email attachments they are not expecting and to check with the sender if they are unsure.