How to be 100% sure you are not opening a dangerous attachment

by sircles on Jul 12, 2017 in Domain Names, Network Security, Internet Security, SPAM, Office 365
  If you are in the market for some new employees then you may be receiving quite a few emails

How to be 100% sure you are not opening a dangerous attachment

 

If you are in the market for some new employees then you may be receiving quite a few emails daily on the subject, but here is one to avoid:

 

In this case the user is viewing email using Microsoft Outlook. If we have a closer look by clicking the attachment ONCE we can see that the document suggests us opening the document fully and enabling editing:

 

Anything that asks you to enable content or enable editing is likely containing trouble. Microsoft Office Word and other Office documents can contain code that can harm your computer and that should be avoided. The above is not a function of Microsoft Word it is simply the page they have created to try and persuade you to enable their code.

Let's go over a few quick checks that we can use to decide if we like this or not anyway:

1. Before even thinking about the attachment, look at the sender address: Karen Baltzley <[email protected]> These addresses do not make any sense, as the spammer has not thought to align the email address with the display name of the sender - this is spam. We can also see that the attachment author is someone called ojeawlbgnpbgmob which is unlikely to be a real name.

2. Look at the signing of the email - because these spammers send email by volume they do not want to enter any text by which your IT team can filter their messages out, and so they only want to use generic words. As a result they have not signed the email Karen Baltzley, they have just left it blank - this is spam.

3. Reply to the message instead of opening the attachment if you are in any doubt - this is a great way of being 100% sure. Spammers do not send email from proper addresses, this would open them to the risk of being traced or tracked down. So if they are a spammer, the email will just bounce back an error message. If you have any doubt at all reply to the email.

4. Lastly, the risk inherent in Microsoft Office documents, what with macros and other code, means that very few legitimate businesses send them unsolicited. Any invoice or quote in a Microsoft Office document format is questionable and you should reply to them asking for a PDF copy that cannot be so easily tampered with.

If you have satisfied yourself with all of the above then you can open an attachment feeling pretty safe, and believe me, it is worth the trouble. You do not want to find yourself buying Bitcoins in the middle of the night trying to decrypt yesterdays work before the boss gets back from their holiday.

Comments (3) -

  • Tom Shepherd
    Thanks for posting this - I am distributing round our office in order to keep everyone safe!
    13 July 2017 - Reply
  • Paul Stephens
    There are some great, simple steps here that anyone can take quickly in order to identify spam.
    16 July 2017 - Reply
  • Peter Grace
    We are using Office365 and still had some similar messages come through - is there anything we can do to increase protection?
    25 July 2017 - Reply

Add comment