How to stay safe from unsafe e-mail

Today's Topics,,

How to stay safe from unsafe e-mail

E-mail is a special tool for hackers, cyber criminals and other online criminals. Today, most companies use e-mail as a primary means of communication. Companies may inadvertently become victims of data breaches if one of their employees inadvertently downloads an unsafe attachment to an e-mail or clicks on a malicious link. Users receive countless e-mails every day that contain some spam e-mails. If users use the e-mails of major service providers such as Gmail, Yahoo or Hotmail, they identify almost all of the malicious mails as spam. But in many cases, office e-mails do not detect spam properly. So we should be especially careful when opening suspicious e-mails, especially when there is an attachment or link. I am going to share some ways about how suspicious e-mail can be identified quickly and easily.

Notice the e-mail address and the contents of the e-mail

Pay special attention to e-mails coming from unknown or spoofed email addresses. Note the sender's name and e-mail address for these e-mails. For example: A hacker can send e-mail from customers@xyzbank.co instead of the user's bank e-mail address customers@xyzbank.com.

Scammers usually send these e-mails with enticing advertisements. For example: "Buy now, limited supply, huge prizes, etc." Users can read the e-mail without any worries, but avoid links and attachments with such e-mails.

Notice the following two examples:

Example-1: Strange address (email address) has been used.

Example 2: There is talk of a huge reward for capitalizing on the corona virus.

Attackers often use e-mail addresses that appear to be familiar or valid. You can also get phishing e-mails from addresses that users frequently contact.

Notice spelling, punctuation, and grammatical errors. Spam or phishing e-mails are less likely to use a username. In these you are addressed as "Dear Sir or Madam".

Finally, it goes without saying that an e-mail from an irrational address (for example: xyz34q@hotmail.com) must be something that the user should not open. Mark it as spam immediately and remove it from the in-box.

Avoid attachments and links to suspicious e-mails

The best way is not to download the attached file of the unwanted or suspicious e-mail and to refrain from clicking the link. These attachments may contain various malware and Trojans that allow cybercriminals to take control of the user's computer, log the user's keystrokes or collect the user's personal / official information and financial data. By clicking on the link, the user can be a victim of phishing.

Examples of phishing are: These e-mails are displayed as if they came from companies such as FedEx and DHL. They can track the user's package by clicking on the link provided by them or the link can go to a fake site where they will be asked to provide personal information.

Now the question is what to do if you receive an e-mail with attachments from a trusted person?

How to identify unsafe e-mail attachments?

Focus on file extensions

File name extensions help determine the type of attached file. For example: If the name of the file is abc.jpg, then the .jpg extension means it is an image. This is a video file when finished with abc.avi. The extension that the user should avoid is .exe, which when downloaded will install malware on the device. Attackers program them in such a way that many times these malware can bypass the protection of anti-virus and e-mail service providers.

Extensions that the user should avoid .jar, .cpl, .bat, .msi, .js, .wsf etc.

JAR: They can take advantage of Java runtime insecurities.

BAT: Contains a list of commands that run in MS-DOS.

PSC1: A PowerShell script with commands.

VB and VBS: A Visual Basic script with embedded code.

MSI: Another type of Windows installer.

CMD: Similar to BAT files.

REG: Windows registry files.

WSF: A Windows Script File that permits mixed scripting languages.

What if it's just an office file?

This should be fine, but the user needs to be careful. The attacker can also infect the user's device with Microsoft Office files. It may contain macros, which are instructions for performing certain tasks. If the extension of the office file ends with m then it is a macro file. E.g., .docm. pptm, and .xlsm etc. However, when using secure macro files for work needs to be verified from a trusted source.

Another question may arise, if the attached files are archived or zipped (.7z, .rar, or .zip)?

Hackers use these to avoid virus scans because they can hide malware in them.

If you receive an e-mail with a zipped attachment and ask you to enter a password to open it, it may be suspicious. So, before opening the encrypted file, make sure that it comes from a trusted source.

Always use active and up-to-date anti-virus

If the user has any doubts about the potential security of an e-mail attachment, check with the anti-virus program after downloading. Needless to say, the user's anti-virus program will automatically flag the file if it is compromised. Delete the file from the computer and do not download it again. Remember, although anti-virus applications may not be perfect, it is safe to avoid suspicious e-mail attachments.

Tips: I said at the beginning that if users use the e-mails of major service providers like Gmail, Yahoo or Hotmail, then almost all of the malicious mails are marked as spam. Many organizations allow the use of office e-mail as well as personal e-mail. So if there is any doubt about any useful attachment in the user's official e-mail, you can check it by sending it to the user's personal e-mail. In this case, you must know the institutional restrictions.

The authenticity of an e-mail can be deduced from some common perceptions. Many users are suffering due to a little carelessness. Only caution and awareness in the use of technology can protect a user from cyber attacks. So be careful, stay safe.

Photo source: Internet

Thanks for Reading....

@TheRandomRewarder Thanks for your Tipping....