The following is a list of frequently asked questions (FAQs) concerning abuse complaints and the way these incidents are processed. If after reading it you still have a question, send it to email@example.com
- What happens after the IT Abuse Team receives a report?
- How do I stop unsolicited email messages?
- Does the University censor individuals' web pages?
- Is it possible to catch a computer virus just by reading an email message?
- Why didn't the IT Abuse Team do something about the offensive email I reported?
What happens after the IT Abuse Team receives a report?
If the incident puts the security of the network and other computing devices at the University at risk, the IT Abuse Team attempts to notify the responsible party (individual/departmental contact) for the device causing the problem. We try to provide sufficient information so the recipient of the message can determine which device is being reported along with a step-by step guide for what to do.
Brief guide to dealing with a compromised computer or device
- DISCONNECT the computer described from the UVa network (both wired and wireless) and then reply to our email to let IT Abuse team you are working on it.
- If you are a UVa employee, SCAN the disconnected computer for highly sensitive data using Identity Finder (available here) If you're a UVa student, skip to step 4 below.
- If highly sensitive data (HSD) is found, STOP, contact us using the Information Security Incident reporting form and await further instructions. Do NOT attempt any clean-up of the malware until we say it's OK.
- If no HSD is found, CLEAN up the computer with a malware removal utility and notify us when the computer is clean and that no highly sensitive data were present.
Failure to reply within 12-24 hours to the email report from UVa IT Abuse will result in the computer (device) being disconnected (blocked) from the UVa network. The IT Abuse team may block a computer (device) from the UVa network immediately, with no warning, if the situation warrants it. For example, if a malware infection is severe, or we receive additional reports that the device continues to be a problem, or new reports are received for a computer that's been reported as cleaned up the IT Abuse team will re-block a computer (device).
If the computer is blocked, when you open a web browser (e.g, Internet Explorer (IE) or Firefox) you will be re-directed to the Network Registration Block webpage. All of the computer's Internet traffic is blocked or redirected to this website.
In order to remove the block, first complete the steps above, then return to the Network Registration Block webpage where you can resolve the issue by attesting that no highly sensitive data was found and the computer (device) has been cleaned up.
If no response is received within the indicated time frame, the IT Abuse Team will take steps to prevent the device from continuing to cause problems. The above process varies depending on the ability to locate a contact peron for a problematic device, and the nature of the problem it is causing. The IT Abuse Team may respond to more serious problems by calling the contact for the device or even by putting an immediate block on the device without prior notification.
How do I stop unsolicited email messages?
Many of these messages originate from sites that forge mail headers to disguise the true source. Some of the forged headers implicate sites that have strong responsible computing orientations and have nothing to do with the delivery of the message to you.
Do not reply to the sender or click on any links in these messages. Do not download or open any attachments. Although the University blocks the vast majority of spam messages coming into our servers, some occasionally get through. Deleting them is the most effective way to deal with them.
If either the nature of the message content or the volume of mail you are receiving creates a problem for you, please feel free to contact the IT Abuse Team, so we can look into your specific situation. Please include the message text and the full headers of any one of the messages that concerns you.
Does the University censor individuals' web pages?
No, the University does not censor individuals' web pages. This community is committed to the Jeffersonian ideals of intellectual inquiry and responsible free speech. The University enforces all applicable state and federal legislation within this context, and expects members of this community to act responsibly with technology resources. Violations of applicable laws are not permitted and may result in disciplinary action, including the loss of access to University technology resources.
Is it possible to catch a computer virus just by reading an email message?
Generally speaking, you cannot catch a computer virus just by reading an email message. You might, however, receive an email message with an attachment, and the attachment could be infected with a computer virus. When you double-click on an attachment to a message, you execute a program, which goes beyond simply reading an email message, and that could infect your computer. In an effort to make mail easier to use, some manufacturers have begun to execute attachments automatically, or to support software, like Java, embedded in mail. If you open the attachment without checking it first with virus protection software, you could infect your computer with the virus.
Why didn't the IT Abuse Team do something about the offensive email I reported?
The IT Abuse Team intervenes when there has been a violation of University technology policies and/or statutes. One of the guiding principles of our community is that individuals are responsible for their actions, including their behavior in cyberspace. Unfortunately, it is not always easy to determine when a violation of University policies has occurred. Sending someone a rude or offensive message, for example, does not automatically constitute an abuse of University technology resources or statutes. For example, if someone sent the same message in a typed letter, you might have little recourse. If an individual, however, forges this message to make it appear as though someone else wrote it, this action would be considered misuse of University resources, and the IT Abuse Team would intervene. It is sometimes a difficult distinction to make. Some communications, while obnoxious or hurtful, do not necessarily constitute an abuse situation. In situations where the complaint is not a technology abuse issue, members of the IT Abuse Team advise affected individuals about other courses of action available to them.