How to Identify Malicious Emails
Malicious emails are what lead to viruses and breaches of your information. There are two main types of malicious emails: ones that send you a link or a file that will launch a code to infect your machine with a virus, or those that pose as real emails from legitimate organizations or people to try and get your credit card or other information from you (called Phishing). In the following blog, we will outline some tips to help keep yourself safe.
If You’re Not Expecting the Email, Be Cautious.
We cannot stress this one enough. If you’re getting a message from a friend, family member or co-worker saying they’ve sent you something and to click on a link or open a file. Just ask them before opening it if you’re suspicious.
Case in point. Last month I received an email that was addressed to me from another co-worker. It said I had a UPS shipment coming from this person. I didn’t think my co-worker was sending me anything, so I made sure to ask him before I clicked on any links or files attached to the email. He told me he hadn’t sent me anything.
Upon further inspection of the email I received, I noticed that the “from” name was his, but not the email address. Keep in mind, scammers can also “spoof” a person’s email to send out as them. Spoofing is the word used in tech when a scammer has the technology to “send as” the person – essentially, pretending to be that person.
A side note on spoofing: you may have also experienced this with phone calls. You get a missed call from a number, call them back and ask what the call was regarding and they have no idea what you’re talking about. Either a forgetful caller, or their number was “spoofed” – usually with the same area code and prefix as your own phone number, to make the call seem legitimate.
If the Email Asks for your Credit Card Information
In general, always be weary of when someone is asking for your credit card information. Your bank, service providers and any vendors you work with should not be asking you to send your credit card information via e-mail as this is not a secure transmission for sensitive financial information.
If the Email tells you that you need to call your provider or visit a website to update your credit card information, do a web search on Google to find the proper link for the provider or the proper phone number. It’s easy enough for the scammers to disguise a website link as the legitimate site and redirect you to a page they’ve designed to look like the provider’s site to capture your credit card or banking information and drain your accounts. Same goes for a phone number. Always ensure you’re phoning the company directly.
Example: the link below looks like it would bring you to the Netflix website, doesn’t it? If you click on it, I’ve set it up to go to our NETSPECTRUM website – it’s just a matter of changing the text that you see vs the actual site the link goes to.
There’s a Strong Sense of Urgency or Threats to the Email
Scammers don’t want you to think twice. They will often provide threats or a sense of urgency to the request to try and get you to act quickly.
- Your account is in danger of being shut down, click here and provide your credentials right away
- It’s Aunt Joyce, I’m stuck in an airport and need you to send cash right away
- I need you to pick up some iTunes cards for a meeting I have with a client and send me the codes on the back of the card right away
- You owe money to the CRA and will be arrested in outstanding payment is not received
The Email Contains a .zip Attachment
This should always raise a red flag unless you are expecting a large file from a friend, family member or business contact. .zip files are files that have been compressed for sending and when sent in a malicious email, the files they contain are harmful to your computer.
If you receive a file with .zip at the end of the file name, check with your contact before opening it (and don’t respond to that email it was sent from, reach out to your contact either in a new email thread or give them a call).
What to do if you’ve Opened a Link, File or Provided your Information
If you feel you’ve opened a file you shouldn’t have, make sure to run a malware scan (or ask for help from someone who knows how to do this). If you feel you’ve given out banking or credit card information to the wrong hands, call your bank immediately and let them know what happened.
See some examples of malicious emails (screenshots) here.