Is This Email OK to Open? 9 Warning Signs to Watch
You probably receive dozens, if not hundreds, of emails every day. If just one of these has a hidden virus inside, it could create havoc at your company. Here are nine things to look at before you do any clicking in that email.
Email is the most often used vehicle to infect a computer or network. Deploying good business class, installing licensed anti-virus software and spam filtering are the proper first steps when protecting a computer or network.
Most studies show humans are the cause of many computer and network breaches. Employees are still the weakest link in the security chain and hackers use social engineering to exploit that weakness. With that, employers need to educate their employees to recognize the danger signs of suspicious and dangerous emails. Users must stop and look at an email and consider the following warning signs before clicking on embedded links and attachments or responding to the email.
Here are nine things to look for to determine if the email you’re about to open is safe.
1. The from: line
Do you know the sender? If not, be cautious. Even if you know the sender, does the sender’s name match the email address? For example, it is highly unlikely American Express will be sending emails from a Gmail account and not from americanexpress.com. Is the email from someone within your company but looks suspicious or out of the norm? Although the sender’s address may be familiar, the cybercriminal might be spoofing that address, making it look like it is coming from a trusted source when it is really coming from a spammer or someone sending a phishing email. Does the sender’s address look suspicious, perhaps containing a slight misspelling? An example might be an email coming from micorsoftsupport.com. Can you spot the incorrect spelling of Microsoft before you open the email, attachment or click on an embedded link? If you have had no prior communication or relationship with the sender, the email may be dangerous.
2. The subject: line
If the wording/text in the subject line does not match the wording/text in the body of the email or has nothing to do with the content in the body of the email, the email might be a phishing or virus email.
3. Main Body (content/text of the email)
Does the email contain bad grammar and spelling? These are two good indicators the email may be phishing or worse. But don’t rely on bad grammar alone, as today’s cybercriminals have improved their grammar and spelling. Does the email have a high sense of urgency, asking you to click on a link or open an attachment to avoid something or to receive a reward? Does the text of the email simply look wrong and you have an overall bad feeling about the email? If so, then restraint is best.
4. The to: line
You receive an email and there are many other recipients in the to: line and you recognize few, if any. Perhaps an individual has been hacked and their contact list is being used by the spammer and your address happens to be in that contact list. The cybercriminal is now sending emails to all the people in that list, you included.
5. The CC: line
The same situation as the to: line.
The email contains an attachment and the file extension looks suspicious, especially if the attachment is a .exe or zip file.
7. Embedded Links
Does the email contain a link and the sender requests you click on the link in order to update some information or download information? Does the link address have relevance to the email? Is the link address exceptionally long or does it seem to have a misspelling such as the micorsoftsupport example? Can you spot the misspelling before you click on the link?
Does the email contain a link where you can unsubscribe? If so, be cautious when you unsubscribe as the link might launch a virus. Also, spammers send out millions of emails in bulk, often to addresses that may not exist in hopes that some are correct and arrive in an inbox and are then opened. If you unsubscribe, you are sending a message back to the spammer that you are a real person and spamming will continue.
9. Alias Addresses
Does your company, like most, use alias addresses such as sales@, info@, hr@ and others? These types of addresses usually forward an incoming email to many others in the organization. Cybercriminals will target these addresses as they know their email will be forwarded to many others in the organization with a greater chance of the email being opened.
If any of the above are relevant to an incoming email, be cautious before opening or clicking on links or attachments. Deploy network security processes and products and educate your employees in order to greatly reduce the chance of malware hitting your network.
Steve Giordano is president of TeamLogic IT. Learn more about the company by clicking here.