Stay Ahead of Cybercriminals with a “No Safe Attachments” Email Policy
Third in a series of four blog posts on cybersecurity
Most phishing emails appear innocent. The email may contain an “invoice,” “resume” or “receipt,” and look legitimate, but think again. Cybercriminals send those emails hoping you click on the attachment and give up information that provides access to everything they need to compromise you and your business. Sometimes just by clicking on that attachment, they can install malicious software on your workstation to cause harm without you even knowing.
Don’t let the cybercriminals exploit your curiosity or fear to open that attachment. If you adopt the premise that there are NO SAFE ATTACHMENTS, and take precautions, you can stay ahead of the predators.
Malicious codes can be entered into all types of documents, including PDFs. File types that should put you on high alert are:
- Executable files such as: .exe, .bat, .js, .jar, or .vbs. They can automatically install software onto your machine
- Zip files such as .zip, .rar, 7-Zip files are compressed files. Some antivirus programs can’t scan the compressed files, so malicious malware can hide easily here
- PDF and Microsoft Office files such as .pdf, .docx, .xlsx may have embedded macros or scripts inside that can contain malware
These examples are only a few of the executable file types that could cause you harm. When you encounter one of these files, take extra care to make sure that you are protected by simply scanning with your preferred anti-virus product or calling the sender to verify the email.
Now that you know how to better identify unsafe email attachments, learn how to recognize phishing and spear phishing attempts and malicious URL links. The Anders Technology Group is here to help protect your business from cybersecurity attacks that could cost you time and money. Our team can implement a cybersecurity training program within your company to educate employees on the latest best practices to avoid a cyber attack. Contact an Anders advisor to learn more.