Email Safety Tips
Phishing, Malware, Crypto-Jacking and Ransomware – the potential of incautious behavior with regard to emails.
You, sitting at your computer right now, might be a threat to the well-being of your organization if you are not very well informed about the potential of incautious behavior with regard to emails. Your emails. If phishing sounds like something you do on a lazy day and email makes you think of humor that keeps you chortling in your cubicle, hoping the boss didn’t really need that report right away, you really need to read this.
That’s right. The email that you receive can be a subtle bid for you to do something automatic when you’re trying to process the flood of emails that most people now receive in their in-boxes. That knee-jerk reaction that you must learn to avoid is clicking on links and attachments. Keep your hands in your lap and explore your in-box with your eyes, not your hands.
First, check out the sender – the email address, not the name from your contacts that sometimes precedes it. If it’s a message from an external source instead of someone in your organization and you don’t recognize the source, be very careful. If the address seems legitimate, look at the names of the attachments to see if they relate to projects you’re working on—don’t open them until you are completely sure of the sender and the message. Make sure you’ve enabled the preview pane function in Outlook 365 and then assess the content of the message and scan for links. Again, if the sender is unfamiliar, don’t ever take the chance on clicking on something you’re not positive about. Instead, copy the link and paste it into your browser. If you’re not sure of the email, delete it. You can almost always pull things out of the trash bin if someone uses sneaker mail to ask you why you didn’t respond to their important message. And if you’re the curious type, remember Pandora and what happened when she opened that box …
OK, potential bomb defused. So, when did a simple form of communication turn into a threat, and what exactly can happen? Well, email changed right about when cybercriminals – yes, they exist outside of Marvel movies–realized that email was a golden opportunity to reach undetected into the heart of a company (or your private account) through high-volume spam-like messages. Their motivation can be money, information, processing power–or simple malice.
Phishing is the most common form of email attack and can take many forms. Big red flags are unsolicited emails from financial institutions and the danger is giving out confidential information like account numbers. Another form of phishing involves a request by a familiar person who asks the recipient to make major purchases that will subsequently be reimbursed. In a new twist, Spear Phishing targets a particular individual in the hope of getting information that will provide an in to their organization or its finances.
Malware Opening attachments or clicking on links from unknown senders runs the risk of allowing programming code to infect the hard drive and potentially a whole system. Attachment size is not a valid way to assess the possibility of danger.
Crypto-jacking is another spin on malware that takes some of the processor’s power after a site is visited, usually as a result of clicking a link in a phishing email.
Ransomware can hijack a system by shutting down or deleting functions unless the recipient pays to get them back – a course that is never recommended.
If you’re still not sure about the potential dragons in your in-box, talk to us about training for your employees – CrafTech is here to protect you!
Written by: Susan Palmer