Email attachments are a routine part of daily life, so it is imperative that you learn to handle them with care: they are often used as a vector to deliver a malware payload to your computer. Let us look at some precautions you need to take when opening email attachments.
The classic cases of unsolicited mail with malicious file attachments are usually of this nature:
- You won a reward or a lottery, and you need to fill in the details in the attached form
- Your business order has been canceled, or you have received a new order
- Emails that mention invoices
- Work from home and earn money
- Pain relief or weight-loss programs
- A letter from a bank, PayPal, etc., asking you to submit details as per the attachment or else the account will get blocked
If you are using good antivirus software or an Internet security suite, chances are that the malware file will be automatically quarantined as soon as it is downloaded to your computer. If you are using an email client like Outlook, that is better still.
These days most of the commonly used email service providers, like Outlook or Gmail, have good filters in place that automatically move such email – especially messages that carry .exe files or compressed folders containing .exe files – to the Junk folder.
Nevertheless, you need to be alert at all times!
Precautions to take when opening email attachments
First and foremost, never click on an email attachment that you were not expecting.
Next, check the email ID of the sender. Is it from someone you know?
But even if the email ID looks familiar, stay cautious: email spoofing and other hacks make it very easy to send email using someone else’s mail ID.
If your service or software provides the option, set your email preferences so that attachments don’t download or open automatically. This is usually the default setting, but it never hurts to be sure. Make sure that you configure the Attachment Manager in Windows correctly.
Hover your mouse pointer over the attachment. Is it a .exe file? In that case, simply do not download it. Is it an Office .doc file? Then again, do not click on it, as it could be a macro virus. Now, what if it has some other file extension? Even then you need to take sufficient precautions, as malware writers can easily disguise a virus, a trojan or a ransomware file using any file extension.
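The extension checks above can be automated for a saved message before anything is opened. The following is an added example, not part of the original article: the function names and extension lists are hypothetical and illustrative rather than exhaustive, and the sample message is constructed with harmless stand-in bytes. It flags executable and macro-capable extensions, looks at the first bytes of the content instead of trusting the name, and looks inside compressed folders.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

EXECUTABLE_EXT = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".lnk"}
MACRO_EXT = {".doc", ".docm", ".xls", ".xlsm", ".ppt", ".pptm"}

def ext_of(name):
    return "." + name.rsplit(".", 1)[1].lower() if "." in name else ""

def triage(filename, data):
    """Return the reasons (possibly none) to treat one attachment with caution."""
    ext, reasons = ext_of(filename or ""), []
    if ext in EXECUTABLE_EXT:
        reasons.append("executable extension " + ext)
        if ext_of(filename.rsplit(".", 1)[0]):  # heuristic: e.g. name.pdf.exe
            reasons.append("double extension may hide the real type")
    if ext in MACRO_EXT:
        reasons.append("Office format that can carry macros")
    # Windows executables begin with the bytes 'MZ' whatever the file is called.
    if data[:2] == b"MZ" and ext not in EXECUTABLE_EXT:
        reasons.append("executable content behind a " + (ext or "missing") + " extension")
    # Compressed folders (and .docx-style files) are ZIP containers: look inside.
    if zipfile.is_zipfile(io.BytesIO(data)):
        for member in zipfile.ZipFile(io.BytesIO(data)).namelist():
            if ext_of(member) in EXECUTABLE_EXT:
                reasons.append("archive contains " + member)
            if member.lower().endswith("vbaproject.bin"):
                reasons.append("document contains a VBA macro project")
    return reasons

def scan_message(raw_bytes):
    """Map each attachment filename in a raw saved message to its reasons."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    return {p.get_filename(): triage(p.get_filename(), p.get_payload(decode=True))
            for p in msg.iter_attachments()}

def build_sample():
    """Constructed test message; the attachment bytes are harmless stand-ins."""
    zbuf, msg = io.BytesIO(), EmailMessage()
    with zipfile.ZipFile(zbuf, "w") as z:
        z.writestr("order.exe", b"MZ constructed")
    msg.set_content("See attached.")
    samples = {"invoice.pdf.exe": b"MZ constructed", "order.zip": zbuf.getvalue(),
               "photo.jpg": b"MZ constructed", "report.pdf": b"%PDF-1.4 constructed"}
    for name, data in samples.items():
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()
```

Calling scan_message(build_sample()) returns an empty list for report.pdf and at least one reason for each of the other three attachments. An empty list only means none of these particular checks fired, so the file still needs the antivirus scan described next.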
If you cannot control your curiosity and you want to check out the email attachment, do not select the Open option; select the Download option instead. Once the file has been downloaded to your computer, right-click on it and scan it with your antivirus software.
If you wish to be safe, upload it and get it scanned with any of these free online antivirus scanners.
Read: How to scan email attachments online for virus.
Remember, if the attachment file you download turns out to be malicious, it could infect your files and even wipe out your data or lock it, if it is a ransomware file. So you really need to be sure that the file you downloaded is safe before you open it. This post will show you how to identify malicious email that has a virus.
My rule? If in doubt, I don’t. Period.
Have any more ideas? Do share the precautions you take.
Now read: How to Secure and Protect your Email account.
“First and foremost, ever click on an email attachment that you were not expecting.”
“Over your mouse pointer over the attachment.”
Great advice! Even if a bit incomprehensible.
There is a more civil way of pointing out typos. But thanks anyway, Dave. Correcting. :)
I bring up my Linux live CD, open the file. If it crashes, it was supposed to.
If it trashes the browser and lots of ads pop up, etc, just turn off the power.
If it is legitimate, OK.
This advice is not practical for lawyers who have thousands of clients or potential clients. “Knowing” the client means little when clients have their emails hacked and potential clients are not known. You could refuse to accept all attachments but that is likely to cause an attorney to lose clients or potential clients.
Any practical advice such as the best scanner for attachments? Accept only PDFs not Word docs?
There are numerous strategies. Here are a couple.
Inform your clients that you accept only PDF attachments, and that if they send a different type of attachment you will have to call them to confirm which will increase their bill. If they send an infected attachment this may require disinfecting your computer which will also add to their bill. This gives them incentive to always send PDF.
Another option is to have a dedicated computer for screening email and saving, testing, and filing attachments. The computer can be put on a separate subnet to keep it isolated from direct access to other computers in the office to protect from the worst case scenario – a ransomware worm.
PDFs cannot be infected?
Not everyone has a PDF maker but clients can be encouraged. Also, good luck trying to bill consumer clients. Perhaps you were assuming the clients were big corporations but they would be sending PDFs in the first place.
The dedicated computer is also completely impractical, especially since you want it to be outside the network.
Are there any real figures here? How many millions of emails are sent each day and how many actually contain any kind of harmful virus that gets through basic A-V screening?
PDFs can be infected. Jeffrey, I’ve been in the field 27 years but got involved with virus and malware removal the last 10 years. I’ve only dealt with the dreaded ransomware 7 times. Six of those 7 had popular and updated corporate AV/security programs installed. In each of the 6, the virus program detected and deleted or quarantined some or all of the malicious files but not fast enough. The users’ files still ended up encrypted. Four of the six had current backups, two lost everything.
The attachments were either zipped files or PDFs. In one of the PDF cases, the email looked entirely legitimate from a user in her own internal network. It was a spoofed email. As far as real figures, one of the infected clients was down for two weeks as the ransomware ripped through all of their servers and they struggled with restoring from backups. They dealt with hundreds of thousands of emails throughout the years. It only took one to bring them down. I’m not going to plug any vendors, but if you do not have one, a serious hardware firewall would help.