Virus through/from email

Hi there

I am new here and I am looking for some advice as I am not sure what to do next.

We had 3 Macs in our house; all had the free version of Sophos. Two of them got a virus/hacked? from emails that were in the spam folder.

We are in the process of having them factory reset.

What do I need to do to stop this happening again?

Thanks

:1021193


This thread was automatically locked due to age.
  • Hello there,

    As a general rule, it is quite common for email addresses to receive infected messages. Most email providers run checks on the server-side to detect and discard these messages before they reach your machine, but this is by definition imperfect. There is, therefore, no way to completely stop receiving virus-infected emails, although you can, of course, sign up for email service with a provider who takes filtering seriously. That ought to help a very good deal.

    Do note that receiving an alert from Sophos Anti-Virus stating that one of the emails in your SPAM folder is infected does not mean that your machine has been hacked. Unless a vulnerability were discovered on OS X v. 10.10.4 that allowed it to be hacked by simply downloading an infected email, you would need to display, open or otherwise run ("execute") the infected file to run into trouble.

    Do note, also, that Sophos will often warn you about "generic" phishing threats. These are designed to steal your personal info if you open the message, but they may not necessarily "hack" your machine: there is a whole gamut of nastiness out there.

    The best course of action is to delete the email without opening it and to empty the trash in Mail. To be safe, you may want to configure Mail so that 1. it does not load remote content in messages and 2. the content of messages is not displayed in the main Mail window, but rather in a separate window. This will ensure that messages that are downloaded are not displayed by accident.

    Resetting your Macs to their factory state is indeed a good course of action if your computers were really infected. However, unless you actually opened the messages that Sophos said were dangerous you have little, if anything, to fear, and can continue to use the machine. (Opening the message in itself, when the loading of remote content is disabled, is rather unlikely to cause an issue, too. It's really the attachment that should be left alone in the very vast majority of cases.)

    Of course, always apply all the security updates available for your Macs and all the applications they run. All of the above assumes you are up-to-date on your patches, and Sophos Anti-Virus cannot protect you if your machine is not up-to-date. Simply keeping up with patches is the very best thing you can do to protect yourself.

    By the way, please do not entrust your machines to random "computer people" or "rent-a-geek" services. When in doubt, your best course of action is to reach out to Apple at an Apple Store. Some "rent-a-geek" operators are very good indeed, others less so, and it is difficult to tell from afar. Apple geniuses are not perfect, but have no incentive to sell you on unneeded procedures.

    I hope this helps!

    :1021198
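
An added illustration of the reply's point that a downloaded message is inert until something displays or runs it (this is not part of the original thread): the Python example below reads a raw message as bytes and lists its attachment names and the remote content its HTML would load, without rendering, fetching or executing anything. The sample message, the `triage` function name and the suffix watch-list are assumptions made for the example.

```python
import re
from email import message_from_bytes, policy

# Constructed sample message (not from the thread): an HTML body that pulls a
# remote image, plus an attachment with a stacked, archive-style file name.
SAMPLE = (
    b"From: billing@example.test\r\n"
    b"To: user@example.test\r\n"
    b"Subject: Invoice\r\n"
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/mixed; boundary="b1"\r\n'
    b"\r\n"
    b"--b1\r\n"
    b"Content-Type: text/html; charset=utf-8\r\n"
    b"\r\n"
    b'<p>See attached.</p><img src="http://tracker.example.test/p.gif?id=42">\r\n'
    b"--b1\r\n"
    b"Content-Type: application/octet-stream\r\n"
    b'Content-Disposition: attachment; filename="invoice.pdf.app.zip"\r\n'
    b"Content-Transfer-Encoding: base64\r\n"
    b"\r\n"
    b"UEsDBA==\r\n"
    b"--b1--\r\n"
)

# Assumed watch-list of suffixes worth leaving alone; adjust as needed.
RISKY = (".zip", ".app", ".dmg", ".pkg", ".command", ".jar", ".docm", ".xlsm")
# URLs an HTML body would fetch on display if remote content were enabled.
REMOTE = re.compile(r"""(?:src|background)\s*=\s*["']?(https?://[^"'\s>]+)""", re.I)

def triage(raw: bytes) -> dict:
    """Parse a raw message as data only: nothing is rendered, fetched or run."""
    msg = message_from_bytes(raw, policy=policy.default)
    report = {"attachments": [], "risky": [], "remote_content": []}
    for part in msg.walk():
        name = part.get_filename()
        if name:
            report["attachments"].append(name)
            if name.lower().endswith(RISKY):
                report["risky"].append(name)
        elif part.get_content_type() == "text/html":
            report["remote_content"] += REMOTE.findall(part.get_content())
    return report

if __name__ == "__main__":
    print(triage(SAMPLE))
```
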