“The single biggest existential threat that's out there, I think, is cyber.”
In fact, an article on ThreatMatrix.com, ThreatMetrix Cybercrime Predictions, reported that “[Cyber] attacks will become increasingly global and more complex” and “Cybersecurity will be a center-stage issue globally in.” As a business, you must pay attention to the growing epidemic of cyber attacks.
One way your business can become vulnerable is through infected e-mails and attachments unintentionally launched by employees. You can improve security by teaching your employees how to recognize unsafe e-mails and attachments. In Part I & Part II of this three-part series, I talked about protecting client data from malicious Phishing attacks and identifying the “vehicles” that cyber thieves use to breach your computer/cell phone. This final article in the series addresses the top five questions to ask before opening potentially dangerous e-mails and attachments:
Who is the sender?
It sounds like common sense, but we don’t always pay attention to the e-mail address in the sender line. We are often too distracted and too much in a hurry.
In fact, a study conducted by Harvard psychologists Matthew Killingsworth and Daniel Gilbert shows that half of the time our mind is somewhere else (or on “autopilot”). – and cybercriminals rely on it. Spoofing the display name in the sender line is a favorite phishing tactic among cybercriminals, so get into the habit of checking if the sender is (or looks to be) authentic. Pay attention to details like the file extension - Does it look unusual (such as .ru – which is Russia)?
File Extensions in the e-mail attachment
You should also make it a habit to check the e-mail address in the To: Line. Make sure your name is spelled correctly and that you are not blind copied (bcc) with several other recipients you may or may not know!
Does the e-mail have spelling and/or grammar mistakes?
Sometimes a phishing email is easy to recognize - just look for obvious spelling and awkward grammar mistakes:
Some fraudulent emails originate from foreign countries where the English language is less common. If you get an email from someone you know and something seems a bit off, it may be written by malware or a hijacker. Such emails could also be phishing emails without any dangerous attachments — for example, if you get an email from someone you know saying they’re trapped and need you to wire some money with Western Union, this could easily be a phishing scam.
Case Study example:
Bob, the Controller for a large transportation company, received an e-mail from the President of his company requesting a wire transfer. The request was not uncommon, but the way he was addressed in the e-mail raised a red flag. The president always starts his e-mails with “Hi Bob.” This e-mail was addressed “Dear Bob”. In addition, the body of the e-mail contained a few minor spelling errors. Upon further investigation, Bob discovered that the transfer request was to be wired to an off-shore account. Bob immediately contacted the President and authorities were alerted.
Does the attachment contain a suspicious file extension?
One of the easiest ways to identify whether a file is dangerous is by looking at its file extension. For example, a file with a .exe file extension contains a program that when clicked, is capable of launching a dangerous executable program directly onto your computer/laptop/phone. You should always run an antivirus before clicking on a file with the .exe extension – or better yet, report it to your IT partner first, and let them handle it. And you should NEVER open a Zip file that asks you for a password.
Other potentially dangerous file extensions include:
- Executable Files - .exe, .com, .bat, .pif, .vexe, .dll, .cpl, .msc, .cmd, .ps1, .scr
- Microsoft Office Macro Files - .docm, .xlsm, .pptm
- Installers & Compressed Files - .exe, .msi, .zip, .cab, .rar, .tgz
Double Extension?
Stay alert and be on guard for files with double extensions (for example file.doc.exe)
A helpful hint for uncovering hidden file extensions is to disable “hide known operating system files” which can help you see the double extension that some websites and emails try to trick you with, for example Word.doc.exe
To show or hide file name extensions:
- Select Start
- Select Control Panel
- Select Appearance and Personalization
- Select Folder Options.
- Select View tab
- Select Advanced Settings and do one of the following:
- To show file name extensions, clear the Hide extensions for known file types check box, and then click OK.
- To hide file name extensions, select the Hide extensions for known file types check box, and then click OK.
Are you expecting the e-mail?
If you didn’t request it, don’t open it! Never, never open a file from a company or person you don’t know or didn’t request information. If you receive an email that doesn't ring a bell from a previous conversation with the person or company sending it, be on your guard. Ask yourself the following questions:
- Why would this be relevant to me?
- Why would they email me now?
- Is there a good reason why they are asking me these questions?
If you can't answer these questions, don't click on any links in the email or open any files, at least until you do more investigating to determine its legitimacy.
Phishing scams can take many forms including fake websites and alerts like the ones seen below. If you see an alert like the one below, DO NOT click. It could be an attempt to get your personal information or contain a virus that is launched onto your computer.
Your phone is no exception. Here is an alert you might see on your mobile phone:
Conclusion
Cybercrime prevention should be a top concern for businesses today. When armed with the right technical advice and common sense, many cybercrime attacks can be avoided. Partnering with the right technical experts and educating your employees on a regular basis will go a long way. The more difficult you make it for cybercriminals to attack your business, the more likely they are to leave you alone and move on to an easier target.
