Emails that are full of nonsense are easy to spot. The real nasty ones, however, will be made to look like a standard office environment or notification, such as scanner emails, invoices, statements, overdue bills. They are specific enough to look legitimate, but are vague enough to make you want to know more and entice you to open the attachment.
Avoid being a victim of these ‘social engineering’ malware emails
1 – Was the email in your Inbox or in your Junk Email? – Google Mail automatically assigns any suspicious emails into Junk Mail. It does this using a multitude of checks and cross-references, and is extremely accurate. If you go looking through your Junk email, use extra caution and be extremely wary of any attachments, as they would already have been checked for suspicious content. Despite everything, there may be an email that occasionally reaches your inbox even though it is a scam email – nothing can ever be 100%.
2 – Do you know who sent the email? – The majority of fraudulent scam emails are sent by unknown senders who are not in contact with you. They may pretend to be from the HMRC, any major or minor bank, or any organisation that is likely to be known to the wider population. Scam emails are targeted at the widest possible audience, after all, so they will design their emails to be as believable as possible by closely copying publicly available materials (brochures, newsletter emails etc). If the sender appears legitimate, hover over their name in the ‘From’ field – often you will see that it bears no similarity to the senders name and often it will be from a foreign country.
3 – Does it make sense that you’ve received the email? – If it turns out that the sender is one of your regular contacts, even that doesn’t mean the email is always legitimate. If someone in your circle of communication has had their security compromised themselves by a scam email, it may be that the virus has sent itself to the full address book list of that person. You wouldn’t think too hard about opening an email from someone you already know, and this is what the authors of the scam emails are counting on. If someone you know has been compromised in this way by opening a scam email, you’ll see why you’d want to avoid being ‘that person’ for all of your contacts, too!
4 – Anti-virus won’t protect you if you’re careless – If you give an attachment consent to open, you are then relying on anti-virus to intervene, which isn’t guaranteed to work – It’s certainly not what it’s there to do. You’re better off making all of your checks first – you’re smarter than an anti-virus program.
5 – Most importantly, recognise that there are people designing emails specifically to trick business and corporate staff – They’re targeting you because they know that by using your computer as an entry point, they can hold business data for ransom for real money, because businesses can usually afford to pay, and will see the ransom as a small amount compared to the potential losses for the business. However, paying ransom money to cyber criminals isn’t even close to guaranteed money well spent . This happens for real, and we’ve encountered it twice, and successfully recovered from it both times. However, this still came at great and needless cost to the companies that were affected, and have resulted in redundancies and even closures for those who had nothing in place.
6 – Call us if you suspect something – If you want to check whether or not an email is a scam, or you are worried that you might have opened a false attachment, we will be grateful for your call. We’re here to make the situation better for you, and we know it can happen to anyone.