When you get dozens (or hundreds) of emails a day, you’ve probably gotten pretty good at spotting legitimate emails versus potentially dangerous spam.
Unfortunately, hackers have gotten very good at sending out legitimate seeming emails with attachments containing threatware, including viruses and spyware.
So, what can you do? CEI’s Malware Protection Team shares why email attachments are dangerous, what to do if you open one, and how to protect your devices.
Understanding Threatware In Email Attachments
Threatware, also called malware, is a type of malicious computer program that was created to cause harm, either by stealing data or causing systems to crash or lock up. The most common types of threatware to come through email attachments are:
- Viruses that, once downloaded and opened, will replicate themselves from system to system, stealing data or seizing applications.
- Trojans are disguised as software or files in email attachments that, once opened, can gain control of a device, spy on the user, or access networks. While viruses replicate and require a host, trojans do not replicate.
- Spyware infiltrates the computer or device to spy on activity, and collect confidential information, often by logging keystrokes or tracking cookies, or stealing information.
Ransomware In Email Attachments
Ransomware is a type of threatware, but it’s very specific in its purpose.
Instead of simply crashing systems or stealing data, ransomware will shut down your device or encrypt your data and will keep it locked until you pay a ransom to the hacker to release it.
Ransomware can cause serious financial losses to a company and lead to complete business shutdowns for days or weeks until the ransom is paid.
How Can You Get A Virus If You Open Email Attachments?
Almost any kind of threatware or malware, including viruses, spyware, and ransomware, can be delivered via an email attachment.
While opening an email is generally not dangerous, once you interact with it in some way, usually by opening an attachment that looks like an executable file, the malware is delivered into your email and computer where it can then wreak havoc.
Your spam email box is generally filled with harmful links and attachments.
How to Prevent Malware Through Suspicious Email Attachments
Most email programs have some security software in place to catch dangerous emails, but it’s far from foolproof. In order to prevent viruses, spyware, or other types of threatware from stealing or encrypting your data, follow these best practices:
Know the Sender Of The Email
Never open email attachments from people or institutions you don’t know. When possible, verify that the sender did indeed send the attachment and that it wasn’t “spoofed.”
Avoid Opening Certain Attachments
Dangerous email attachments are often disguised as something that looks trustworthy and legitimate so you’ll open them. However, in the file extension, the last three characters at the end of the file, such as .txt, or .com, can tell you exactly what type of file it is. Most malware is delivered in the following formats:
- ISO: ISO files create copies of software onto a physical disc, often to distribute software or operating systems. They can also distribute threatware and now ISO files no longer need physical formats. There is no reason to receive a .iso file, so if you see one, delete it.
- EXE: Executable files are the most common way to deliver malware. While this is also used to install legitimate software, it’s rarely necessary to download the software you need from an email. Thus, when a .exe file comes through your email, even if it seems to be a trusted source, it is most likely malware.
- ZIP: When a file is compressed, it’s generally done to reduce the size of the attachment. However, it can also disguise an attachment as something else. Unless you can verify with the sender, avoid opening any attachment with a .zip, .rar, or another compressed file type.
- Microsoft Office: Documents, spreadsheets, and presentations should be safe, but in reality, they can contain small programs called embedded macros, that install spyware or malware into your device. Like a compressed file, unless you can verify what’s in the attachment, avoid opening anything .doc, .xls, or .ppt.
Install Trusted Malware Protection
A trusted antivirus and malware program that offers real-time protection will detect threats in your email before malware can cause damage. Use your antivirus software to scan all emails for malware.
Can Opening An Email Attachment Be Dangerous?
Email attachments can be a convenient way to share files, but they also come with certain risks.
One of the most common dangers is the potential for viruses and other malware to be embedded in attachments. When these files are opened, the malware can infect the computer and spread to other devices on the network.
Additionally, email attachments can be used to phish for personal information or to deliver ransomware.
In order to protect yourself and your data, it is important to be careful when opening email attachments. Make sure that you trust the sender and that the file is from a reputable source before you open it. If you are unsure, you can always scan the file with a virus scanner before opening it.
By taking these precautions, you can help to keep yourself and your data safe from harm.
What To Do When You Open a Suspicious Email Attachment
If you’ve accidentally downloaded a dangerous email attachment, you should immediately run your malware protection software. If it finds malware or a virus, delete it from the device immediately and then run a full system scan to eliminate anything that may have been delivered.
We would also recommend having a system backup and disaster recovery solution in place. This way, if the security software doesn’t remove it, you can restore your files, applications, servers, and systems to the point before the malware was delivered.
With just a few steps, you and your team can have your business back up and running without security concerns.
Why should we be careful with email attachments?
In today’s business world, email is the primary method of communication for many organizations. As a result, email attachments have become a common way to share documents and other files. However, there are several dangers associated with email attachments that users should be aware of. One of the most common is viruses.
By opening an attachment, a user can unwittingly introduce a virus to their computer, which can then spread to the rest of the network. Another danger is that email attachments can be used to bypass security measures. For example, an attachment might be configured to bypass a firewall or access restricted data.
As a result, users need to exercise caution when opening email attachments, even if they come from a trusted source.
Are email attachments safe to send?
Email attachments can be a convenient way to share files with colleagues, but they can also pose a security risk. Before sending an attachment, it is important to consider whether the recipient really needs it and whether it contains any sensitive information.
If the answer to either of these questions is yes, it is best to send the file using a secure file-sharing service rather than email. That way, you can be sure that only the intended recipient will have access to the file.
In addition, it is always a good idea to run a virus scan on any file before sending it, just to be safe.
By taking these precautions, you can help to ensure that your email attachments are safe to send.
Contact Us for Security Solutions for Your Business
At Strategic Systems, the IT Division of CEI, we are dedicated to providing small to medium-sized businesses in and around Raleigh with network security solutions and malware protection services that include monitoring for malware, antivirus management, and alert notifications. To learn more about malware protection for your business, reach out to us today at 919-781-8885 or fill out the form below to get started.
These days the phrase ‘avoid the virus’ means more than just taking the necessary steps to secure your personal health. It also means taking the necessary steps to secure the health of your digital work platforms and networks. With office routines turned upside down and likely lapses in regular reminders about online security, it’s important that anyone working remotely keep security front of mind.
One critical thing you can do to avoid introducing viruses on your device or into your organisation’s network is to steer clear of dangerous email attachments.
Why is it dangerous to open suspicious email attachments?
Any email attachment can carry software that cybercriminals have developed specifically to damage or exploit your device or network. Because that software has been designed with malicious intent, we use the term ‘malware’ to describe it.
Cybercriminals may use an attached document, PDF, presentation or image to disguise their malware and it will launch once a user opens the attachment.
Cybercriminals design malware to steal data, sabotage and extort money. The do so using many techniques but there are a couple that are most prevalent.
1. Phishing
Phishing is a human-to-human con job conducted by email. Cybercriminals’ goal is to lure the email recipient into believing that an email attachment contains vital information, either about their health, wealth or career, or about important business procedures.
Opening an infected attachment can have serious consequences. It may launch a keylogger which steals personal information such as usernames and passwords, takes periodic screenshots, grabs sent emails or harvests credit card numbers and bank details.
It can also clog your computer and spread throughout any network you use, not just disrupting your own computer operations but those of people you deal with online.
2. Ransomware
Ransomware, a form of malware, can be delivered by email attachment. It makes a computer or its data unusable or inaccessible. Cybercriminals then demand payment from victims to release the data.
What email attachments are regarded as high risk?
Email attachments will have two or three letters after the file name and the full-stop. Those letters indicate the type of file that is delivering the information in the attachment. If you know more about which file types attackers like to use, you’ll be better prepared to identify suspect files.
Exe files
An executable file (.exe) has encoded instructions that tell a computer system set a function in motion. That function might be to install or run a new software application. Although exe files are often legitimate Windows applications, attackers can also use them to distribute viruses or other malware.
Compressed files
Compressed files have a lot of valid uses, particularly when co-workers are working remotely and need to send large volumes of information.
Basically, compressed files allow workers to bundle up multiple files or folders into a single container file and shrink it to a size that can be more easily and quickly emailed.
But just because you get a compressed file, doesn’t mean you know what’s in it. That’s why attackers love them. Compressed files can be used to hide or obscure malware.
Although there are compressed file extensions you might be familiar with (such as: .zip; .rar; .sitx; .gz), it’s worthwhile knowing that there are many more.
Microsoft Office documents
No longer the simple static files they once were, Microsoft Office documents now offer new functionality for users in the form of add macro and scripting capabilities that work in much the same way as executable programs — telling systems to run processes. And with that added functionality comes the opportunity for attackers to embed their own scripting and malware. So, the next time you’re about to open a Word document, Powerpoint presentation, Excel workbook or template, check to make sure you were expecting the attachment.
ISO files
In mid-2020, Microsoft warned of emails that trick users into downloading ISO file attachments. These files have a remote access trojan that gives attackers control over the infected device or host network.
The warning was timely, as until now, ISO files carrying malware had been relatively rare.
Traditionally, ISO files have been used for archiving purposes. They are often used to create a backup of a physical discs like CD, DVD or Blu-Ray and can be used to save and send large chunks of information in a single file.
Where you once would have needed special software to open an ISO file, it’s now an integral part of today’s Windows operating systems, and that’s what is making it more attractive as a vehicle for attackers.
Is it safe to open email attachments that come from unknown sources?
Although you may have installed security software designed to catch and protect your device from malware, it’s not faultless and you shouldn’t consider it your only line of defence against attackers.
You should be immediately wary of any email attachments from unknown or suspicious sources.
Best practice is to delete such emails immediately without replying, forwarding, or otherwise interacting with them, but check your employer’s protocols first.
Tips to avoid viruses from email attachments
There are five simple steps you can take to avoid unsafe email attachments.
1. Use antivirus software
Although antivirus software is fallible, it is a proven defence against the majority of attacks.
Make sure you install issued patches and update it regularly, and that your system is configured to scan all attachments or images embedded within emails or instant messaging attachments.
2. Back up your system regularly
Having a good and regular back-up regime is essential. Having an offline system backup copy is even more important. Although you might have online back-up protocols, there are still indirect paths through which backups can become infected with a virus. Your best to defence is have your secondary system copy offline.
3. Do not open attachments in emails that have bad grammar
If the phrasing in an email seems ‘off’ as if the sender has put it through a bad online translation server, then chances are that any attachments to the email will be ‘off’ too.
4. Do not open unsolicited attachments
The first and best way to avoid being caught out is to never open an email attachment that you were not expecting, even if it comes from a sender you know.
That’s because there are viruses out there that can ransack your senders’ contact lists and trigger email attachment spam that sends itself to everyone on those lists.
Just because you know the sender doesn’t mean that they actually sent the email you received.
5. Do not open attachments with strange file names
While it may seem obvious not to open files with names like “yourwinnings” or “freemoney”, it can be less obvious when file names suggest they have important information to do with tax or banking, invoices, healthcare, parcel delivery or even administration of your online devices.
The best test is to think about how you would name a file. If a file name is overly long with lots of letters and numbers, has special characters (?, *, %, #, % etc) or has multiple file extensions (filename.jpg.exe), then it should ring your warning bells.
What to do with a suspicious email attachment
If you do think you’ve received a suspicious email attachment, don’t panic. Unless you interact with that attachment, it’s unlikely that malware will be activated. The source of the email will determine what other steps you can take to protect your device.
An unexpected email attachment from someone you know
If you have received an unexpected email attachment from someone you know or from a company or institution you work or deal with, do not to hit ‘reply’ to the email even if your intentions are to check if it’s legitimate. Such action could put malware in motion. Instead, it’s worth giving the sender a quick phone call to make sure they intended to send you the email.
An unexpected email attachment from someone you don’t know
If you don’t know why you have been sent an email with an attachment from someone you’ve not dealt with previously, then there’s a high chance someone is trying to bait you to open the attachment.
Do not open it, reply to it, or forward it to anyone else. You should report it to your company’s IT team and follow their protocols. Generally, deleting the email and then emptying your ‘trash’ folder will remove the threat.
If you feel you have to view the information it contains, you could save it to your computer and manually scan the file using your anti-virus software. If the file is clean and doesn’t seem suspicious, you can open it.
Conclusion
Malware does not install itself.
Interacting with an unsafe email attachment by opening it, forwarding it or replying to it can set a chain of events in motion that can have serious consequences for you, your device and even your organisation.
However, by being more aware and vigilant, and by taking a few simple steps, it is possible for you to mitigate many of the risks from malware.
These are tips that everyone in your organisation should learn, particularly during this time of operational disruption when cybercriminals are most active.
Take a coordinated approach to cybersecurity and shore up your defences with cyber awareness workforce training from Phriendly Phishing. Book a demonstration with us today.