I am a newly hired “Help Desk” support person, and am trying to write a “Safe Computing and Email Practices” guideline for our users, we are a small company around 100 users, and I could use a little help. Where I’m getting stuck is – the last 2 weeks we have had problems with 3 users getting the Backdoor.Autoupder virus, which supposedly comes from 2 infected websites. The users say they never visited these websites. I am trying to include in my guidelines the safety precautions for “safe internet browsing” and avoiding viruses through websites as well as email, but can’t find much info on how you get infected through a compromised website, or how they actually contracted the virus in the first place if indeed they didn’t visit the page by directly typing in the URL. Could they have gotten it through a banner ad or something like that? Is there a website that has any information on how you get a virus through a website instead of email attachments?
