Protecting Yourself from Malware

One of the number of ways hackers spread malicious software is by mailing to “scraped” email lists to recipients who are usually unaware of the contents. Such mailing lists can be harvested from your firm’s website (for example, the “Contact” or “Our People” page), or simply guessed at. Every time you receive a message, always remember to open that email with caution! While there may be layers of protection in place to avoid the eventual deployment of hidden, malicious software, the best way to avoid spreading harm is by not opening the emails they’re concealed in altogether.

Often, your first line of defense is your email program’s spam folder. Most email platforms are equipped with some level of intelligence or rules-based action that can be alerted to the presence of malicious emails and divert them into a spam folder where they can be quickly deleted.

Another potential life-saver is your virus protection software. If malicious emails make it past the spam folder and a user opens them, virus scanning programs are designed to alert you to trouble. (In some cases you will be sent a prompt asking you if you’d like to keep the email despite the presence of seemingly malicious content.)

How can firms educate their users in opening emails with more caution thus avoiding an unintended deployment of malware or ransomware?

Three ways user intervention can help protect against malware

Examine the Sender’s Email Address

Hover over it or copy-and-paste it into a blank document. Examine the email domain name — the email domain name is the part that immediately follows “@”. Often, malicious senders try to disguise their emails as legitimate, imitating sender domains such as “microsoft.com”, your bank, or an official agency.

For example, if you receive an email purportedly from Bank of America, which one of these domains would it come from:

1. bankofamerica.com
2. bank-of-america.com
3. bank_of_america.com
4. bank.of.america.com
5. bankofamerica.gmail.com

If you don’t know, call the bank to find out — and always look-up the correct phone number; never call the number displayed in a suspect email.

Beware of Promises, Prizes, and Warnings

Many scammers will disguise emails in the form of notifications regarding prize winnings. Some of them make grandiose promises, and some come in the form of warnings. Beware of subject lines like:

Congratulations! You’ve Been Chosen By Amazon!

Click to Open NOW! We’ve Got Big News!

Hello (name), Your Participation Is Vital. Please Click Here to Finish Your Application

WARNING. Bank Account Breached, Click to Secure Account!

All of these are attempts at obtaining private information that can be spotted from a mile away by the vigilant user.

Look Out for Attachments and Typos

The malicious software is normally well-hidden in these emails. However, some of the best hackers will sloppily forget to conceal the attachment, which will be noticeable in the subject line.

You should also be aware of unprofessional typos and other mistakes in the subject line. This is a huge red flag, and you should spot them fairly quickly.

Hackers and criminal organizations are always looking for new ways to infiltrate your inbox and personal accounts. You should always keep yourself and your team updated regarding new methods so you can spot them before it’s too late.

With the right combination of alertness, an efficient email platform, and the right software, you should remain protected against these malicious programs looking to cripple your network.