SPOTTING A RISKY EMAIL

TO ALL OF OUR VALUED CUSTOMERS:
(and anyone else who reads this)

We have had a number of customers infect their own computers and company servers in recent days by clicking on infected email attachments or embedded links in email.  Although the risks of opening unsolicited attachments or clicking on email links have been pointed out many times on TV, on the radio, and on-line by internet personalities, anti-virus and anti-malware software vendors, and in popular forums such as Facebook, we still find people who blindly open any email they receive and click on a link or open an attachment that they shouldn’t have.   The results are usually costly in terms of recovery time, and if the infection is from ransomware such as Cryptolocker, the loss of data could be catastrophic to your business.

You might wonder why your anti-virus protection frequently doesn’t protect you in these cases.  Well, first of all remember that these programs typically guard against attacks against your computer from the outside.  When you click on a link or attachment, you have effectively invited that infection into your computer.  And even when a well-designed and up-to-date anti-virus program does notice that the user has opened something risky, we often see users so focused on opening that attachment and seeing what’s inside that they ignore the warnings and give the attachment permission to proceed.

The simple truth is this: the FIRST and BEST line of defense against viruses and malware is a skeptical user.  It is simply not that hard to spot a risky email if you simply keep a few simple things in mind:

1. If you didn’t ask for it or otherwise expect it, DON’T OPEN IT!  It doesn’t matter if it sounds like it is from a friend or relative or a known business associate – sender’s addresses are easily faked and more than likely means that supposed sender’s computer has been compromised.

2. If the sender is a company and the email looks legitimate, take a moment to look for other clues such as the return address.  We have seen supposed emails from Microsoft containing very legitimate-looking logos and text with a return address such as ‘service@micro-soft.com’ or ‘customer.support@mic-soft.com.ru’.

3. Another dead giveaway is the grammar, spelling, and syntax of the email.  If words are misspelled, capitalization is odd, the sentences sound like they were written by someone from another country, guess what? They were!  No reputable company of any size would let a poorly composed email be sent out.

4. Embedded links in email should also raise questions.  Hover your mouse over the link (DON’T click on it) and you should see the destination of the link pop up.  If the email is from Amazon or your bank, but the link goes to ‘12746538.alfresco.yahoo.com’ it should be clear that the email is not legitimate.

5. Lastly, consider what the email asks you to do.  If all it says is “You’ve got to see this” and wants you to open the attachment, don’t do it.  If it is from the IRS and says ‘Please click on the attached file to read the details of our audit.”  You should recognize that the IRS will never correspond with anyone by email, so don’t open it.  And if the email says “Please click on the following link and confirm your account details, again DON’T CLICK ON IT!  A legitimate request would direct you to go to the company’s web site to log on the way you normally would and then update your account details.

I could go on with examples all day, but these illustrate the kind of things that should easily tip you off to a risky email.  But it all depends on you and your willingness to pay attention to a few easy-to-spot clues before you open an attachment or click on a link.  If you don’t review your email with a little skepticism, no anti-virus or anti-malware program in the world will be enough to protect you.

Warm regards,

George Hefter
TCT Computer Solutions