In our previous blog article, ‘How to protect your PC from email attachment Malware – Part 1’ we highlighted 5 steps that you can follow to decrease the likelihood of being infected by Malware via email attachment. This article provides more detailed information on the first three steps.
1/ Use Anti-Virus Software
Home users need reputable Anti-Virus software, such as AVG or Kaspersky on their PC. Business users need good AV software on their servers as well as their staff PCs. By having it on the Mail Server, a high percentage of malicious emails can be blocked before even reaching the staff.
All Anti-Virus software should be updated daily, so that the latest and greatest database file is available when your AV software is scanning your PC for malicious files or spam emails. There are settings in all AV software that allow you to schedule database updates, so that they happen in the background without you even noticing. Make sure you switch those updates on. The only thing worse than not having AV software on a PC is having software that is months out of date.
2/ Assess the sender
Who sent you the email? What does the subject line indicate?
Remember! Knowing the sender doesn’t automatically mean the email attachment isn’t malicious!
A sender can be spoofed or a malware program may have taken over your friend’s PC, and is now sending emails to all of their contacts. If you are puzzled by a suspicious-looking email attachment sent to you by an acquaintance (private or professional), it is best to give them a brief call, send a quick email or ask them in person.
Note: If you are sending them an email, DON’T just forward the suspicious email onto them, as you will just be perpetuating the problem, if there is one.
If they did not generate the email, they will certainly appreciate being informed that their PC is infected, or that their email address has been hijacked.
3/ Analyse the email content
What is said, and how?
If you know the sender, you should ask yourself these questions:
- Is the writing style consistent with other correspondence you had in the past from that person or organisation?
- Were you waiting for this email, or the information it contains?
For example, were you expecting a parcel from FedEx?
- Does the request in the email seem peculiar?
For example, it is highly unlikely that your friend will ask you to send him money while on he’s on vacation.
If you don’t know the sender, you should ask yourself these questions:
- Is the writing, grammar and general style of the email content sub-par for someone who claims/seems to be an English-speaking person?
- Do they ask you to do something / click somewhere / download something, etc…?
If yes, this is when you need to be especially careful.
Important! When using professional electronic correspondence, legitimate businesses (shipping companies, banks, the ATO, e-shops, etc…) will NEVER ask you to download and run programs attached to an email. Also, they will never send out threatening emails.
Tune in next week for Part 3 of our articles on what steps to take when protecting your PC from email attachment Malware.