Spam emails with attachments and links are high risk
In email, don’t click on attachments or links unless SURE of source.
One of our biggest risks with email is being able to recognize incoming email spam or a phishing attack. Innocent looking email messages will typically have telltale signs, such as misspellings in various words and links. In many cases, you can “mouse over” the link and a pop-up should display the real (behind the scenes) website address. Don’t click on this link!!
A spam email (or phishing attack) is the first step in a possible ransomware scam. Ransomware attacks are typically carried out using a Trojan virus that is disguised as a legitimate file, contained in an email attachment. Once activated, the ransomware encrypts your personal data and the scammer withholds the decrypting password until a ransom is paid.
Sometimes we can receive a very innocent-looking email from a personal friend. Unfortunately, many friendly (non-spam) messages offer no true personal indicators of legitimacy while many spam messages go to lengths to appear safe. When in doubt, ask your friend for details or just delete. Turning this guidance around, when you want to share a link, a file, a joke, etc. with your family, friends and colleagues, add a personal touch to the email so that they are sure it’s not spam.
SPAM emails are designed to lower your guard so you’ll be more apt to click a link to a fraudulent website or an attachment. This allows the scammers to download malicious software onto your personal computer or gain access to your passwords and usernames.
A first step to prevent spam “temptation” is to avoid it in the first place. Email programs offer simple methods to filter your email, for example:
In Gmail®, open a concerning email message, click the “3-dot colon” icon on the far right of the email, click on Block, Report Spam or Report Phishing options.
Depending on the email service you choose, consider turning off the automatic downloading of attachments. This will reduce the risk of inadvertent attachment opening and, correspondingly, reduce your data transfer traffic,
Report any phishing scams to email@example.com, as the IRS recommends. Then, delete the phishing emails – responding to them just adds to your risk. Never click on an attachment or a link unless you are 100% sure of its friendly source. As previously discussed, link addresses may appear benign but may actually hide nefarious addresses. If you are in any way tempted to click on a link, open your browser, type the link address yourself or retrieve it from your bookmarks (appending any qualifiers as needed) and go.
FOR FURTHER READING:
CyberGuardian: a SecureTheVillage Guide for Residents is available on Amazon.
A complete Security Checklist is available: https://www.nerdsiview.com/security-checklist-2/
References for Village Residents are available at: hhttps://securethevillage.org/residents
© Alan Steven Krantz 2021