Get in touch:

Tags: , , ,

In a recent article, we looked at phishing emails in general and how to spot them. This time, we’re focusing on the dangers of infected email attachments, as these seem to be the phishing method of choice at the present time. Unfortunately, it can be all too easy to fall into the trap, as the emails and their attachments often look completely genuine.

A common approach is to disguise infected attachments as invoices, payment reminders or debt recovery letters. The latter in particular tend to make people worry, with the result that they’ll click on the attachment without thinking. Or, you might get an email purporting to be from a trustworthy organisation such as a bank, or perhaps Amazon or PayPal, asking you to download and run an attached programme (bona fide organisations would never do this).

An infected attachment can wreak havoc with your IT systems, potentially resulting in complete data loss, so it makes sense to know the warning signs to look out for.

Consider the sender

The first things to ask yourself are (a) is the sender known to you and (b) are you expecting the email? If the answer to both these questions is ‘Yes’, you’ll probably be fine. Having said that, there’s always the chance that the sender’s email account has been hacked and is now sending out malware – so take care!

Of course, you should be extra careful when you receive any emails with attachments from a new contact, especially if they’re out of the blue. If in any doubt, it’s best to give the sender a quick call to confirm their identity and that the email is genuine before you click on anything.

Check the file extension name

The letters at the end of a file name can offer a clue as to whether or not it’s genuine. For example, a .docx file is a Word document and a .pptx is a PowerPoint presentation. Of course, these files can still be dangerous, so you should exercise caution. But less familiar file extensions such as .exe, .msi, .bat and .cmd (there are lots more) can indicate a malicious file that will install and run infected programmes on your computer – more often than not in the form of ransomware.

Also, look out for Office file extensions with an ‘m’ at the end, such as .docm or .xlsm. These contain macros which could run infected code on your computer when you open them, so always make 100% sure the email is genuine before downloading the attachment.

Luckily, many email servers will identify and block emails with malicious file attachments. You can also configure your email account to block or quarantine certain file types as a matter of course, such as .exe files. As always, you should make sure your systems are fully up to date with the latest IT security patches and bug fixes.

Look out for archives

Sending email attachments as archives is a cunning plot hatched by cyber criminals to get their messages past email spam filters. You’ll typically receive a file with a .zip, .rar or .7z extension, sometimes along with a password. When you download the archive and enter the password, your computer will be promptly infected.

Of course, many people use .zip files in particular to reduce the size of genuine attachments. So with any email attachment you receive, you’ll need to use your judgement as to whether or not it’s safe to download. It can be a better idea to send and receive large or multiple files using a secure online file sharing service, such as WeTransfer or Google Drive File Stream.

Look at the email itself

A phishing email will often be badly written or contain other warning signs, such as not using your correct name in the salutation. Often the tone and / or language of the email is not right for the person who the email purports to be from. You might be prompted to ‘Act now before it’s too late!’ or similar. Always treat messages like this with suspicion, whether they contain attachments or not.

Scan the attachment

Your email filters and anti-virus software will pick up on many infected emails. However due to the constantly changing nature of the tactics used to send emails of this kind  there are always a few that slip through the net. So if you’re not sure if an email and its attachment are the real thing, you can run an anti-virus scan manually. And of course, if you do click on a malicious file by accident and your software flags it up as dangerous, don’t proceed to open it!

If you are a business owner or responsible for staff within a business, consider some staff training in how to recognise suspicious emails and what to do if they encounter any.

Have a suspicious mind…

It might sound cynical, but you really can’t be too careful when it comes to IT security these days. Don’t open or download any attachments unless you need to and have already confirmed they’re genuine. And if your email service has a ‘preview’ feature, make use of this as you can view most file types without having to download them at all.

Like to know more? Just ask Jalapeno!

Jalapeno Business Services are here to help with all your IT security requirements. Get in touch today to find out how we can help. Or why not book a FREE systems audit with one of our expert engineers? We’ll assess your current IT set-up and recommend how it could be improved to better meet your needs. Call us today on 01636681 110.