How to Spot Viruses and Other Dangerous Email Threats

Modern businesses run on email. According to a 2014 study, businesses send and receive nearly 100 billion email messages every day. Since most computer viruses are contained in email messages, people are becoming the victims of malware, worms, and phishing attempts now more than ever before.

Virus and Spam Filtering

So how can you protect your business against dangerous emails that can damage your computer, infiltrate your network, and invade your privacy? First, learn how to spot them. Second, implement an effective spam filtering solution. Finally, train your employees on email best practices and develop procedures on how to remedy problems in case of an attack or an infection.

Recognizing Malicious Emails

Learning how to recognize malicious emails is one of the most effective ways to protect yourself and your business. Heed the following warning signs before opening any inbound mail.

Sender Signals

Usually you can tell whether or not an email is safe based on the sender. Before opening email messages, consider the following factors to help you determine if a sender is trustworthy.

  • Unknown Sender – An email from someone you know is likely safe. However, use caution when opening an email from an unknown sender, who may wish to harm your computer or steal your identity.
  • Sender’s Email Address Doesn’t Match Domain – If the sender’s email address doesn’t match the domain, this should immediately raise a red flag. For instance, if you receive an email from someone at Google, but the domain is something like @hodurric.xyz – you shouldn’t trust it.
  • Strange or Unexpected Messages – Occasionally you might receive an email from a friend, colleague, or relative that just seems “off”. Maybe it mentions sending a document you didn’t ask for or has an attachment you don’t recognize. In these cases it’s better to delete the message than to risk opening it.
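
The domain-mismatch signal above can be checked automatically. The following is an added example, not part of the original article: it flags a From header that claims a brand in its display name or address but is sent from a domain the brand does not own. The BRAND_DOMAINS allow-list and the function names are assumptions made for illustration.

```python
from email.utils import parseaddr

# Assumed allow-list: brand name -> domains that brand really sends from.
BRAND_DOMAINS = {"google": {"google.com"}, "paypal": {"paypal.com"}}

def domain_matches(domain, allowed):
    """True if domain is an allowed domain or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def sender_warnings(from_header):
    """Flag a From header whose claimed brand does not own the sending domain."""
    name, addr = parseaddr(from_header)
    if "@" not in addr:
        return ["sender address could not be parsed"]
    local, domain = addr.lower().rsplit("@", 1)
    # A brand can be claimed in the display name, the mailbox name, or as a
    # look-alike label inside the domain (google.com.hodurric.xyz).
    claimed = f"{name.lower()} {local} {domain}"
    return [f"claims {brand} but sent from {domain}"
            for brand, allowed in BRAND_DOMAINS.items()
            if brand in claimed and not domain_matches(domain, allowed)]
```

Matching on the registered domain rather than on a substring is what catches look-alike addresses such as help@google.com.hodurric.xyz while still accepting genuine subdomains.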

File Attachments

Emails containing attachments, especially if they’re from unknown senders, are one of the most common indicators of a dangerous threat. File attachments pose an inherent risk because they allow foreign code into your computer’s environment. Here are some important things to know about attachments before opening them.

  • Attachments from Unknown Senders – Never open an attachment from an unknown sender to avoid exposing your computer to viruses, worms, and Trojans.
  • Specific File Formats – Some file formats, especially .exe files, have a high potential for danger. An .exe file is a program that runs automatically on your computer when opened. Other potentially dangerous formats include .msi, .bat, .cmd, .reg, and .js files.
  • Archived Attachments – Email attachments in .zip or .rar format should also raise suspicion. Be especially wary if the archive is encrypted or password protected – these protections block your computer from scanning the archive for threats before you open it.
  • Attachments with Macros – Some attachment types, such as .doc and .xls files, contain embedded macros. Macros are, in effect, programming code that allows you to automate repetitive or complex tasks. However, they can also be used to disguise viruses and malicious code. If you receive file attachments whose extension ends in “m”, like .docm or .xlsm, proceed with caution.
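
The attachment warning signs above can be turned into an automated triage step. The following is an added example, not part of the original article: it walks the attachments of a message, flags the file types listed above, and looks inside .zip archives (without extracting them) for executables and for the encryption flag that prevents scanning. The function names and the sample message are constructed for illustration.

```python
import io
import zipfile
from email.message import EmailMessage

RISKY = {  # extension groups taken from the article's bullets
    "executable file type": {".exe", ".msi", ".bat", ".cmd", ".reg", ".js"},
    "macro-enabled document": {".docm", ".xlsm"},
    "archive": {".zip", ".rar"},
}

def ext_of(name):
    """Last extension, lower-cased, so 'invoice.pdf.exe' gives '.exe'."""
    return name[name.rfind("."):].strip().lower() if "." in name else ""

def zip_findings(data):
    """Inspect a .zip's directory without extracting anything."""
    try:
        infos = zipfile.ZipFile(io.BytesIO(data)).infolist()
    except zipfile.BadZipFile:
        return ["archive could not be read"]
    out = [f"archive contains executable {i.filename}" for i in infos
           if ext_of(i.filename) in RISKY["executable file type"]]
    if any(i.flag_bits & 0x1 for i in infos):  # bit 0: entry is encrypted
        out.append("encrypted archive: contents cannot be scanned")
    return out

def triage(msg):
    """Return {filename: [findings]} for each risky attachment."""
    report = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        found = [label for label, exts in RISKY.items() if ext_of(name) in exts]
        if ext_of(name) == ".zip":
            found += zip_findings(part.get_payload(decode=True))
        if found:
            report[name] = found
    return report

def sample_message():
    """Constructed message; attachment bytes are harmless placeholders."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("setup.exe", b"placeholder")
    files = {"invoice.pdf.exe": b"x", "q3.xlsm": b"x", "notes.txt": b"x",
             "files.zip": buf.getvalue()}
    msg = EmailMessage()
    msg.set_content("See attached.")
    for name, data in files.items():
        msg.add_attachment(data, "application", "octet-stream", filename=name)
    return msg
```

Calling triage(sample_message()) reports the double-extension executable, the macro-enabled spreadsheet, and the archive with its embedded setup.exe, and leaves notes.txt out of the report.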

Suspicious Content

Phishing emails and scams are among the most common email threats today. These messages are designed to look legitimate, but they attempt to fraudulently steal your personal information. Look out for messages that contain the following suspicious content.

  • Request for Sensitive Information – Reject emails requesting personal data such as banking information, credit card details, or passwords. Never give up sensitive information via email unless you are certain the sender can be trusted.
  • Avoid Clicking Links – Avoid clicking links to an outside source unless you are expecting a message with an account registration confirmation. Emails containing links often lead to phishing websites.
  • Offer for Money or Prizes – Email scams often try to lure targets in with extravagant rewards or offers in exchange for doing something menial. If a deal seems too good to be true, it probably is.
  • “Following Up” on Something You Didn’t Do – Phishing attempts try to get information by asking you to follow up on something you didn’t initiate. For instance, if a message claims you’ve won a prize for a contest you didn’t enter, it should not be trusted. Delete it. Then report it.

How to Avoid Email Threats

While learning how to spot malicious emails is important, it is only part of protecting your business from dangerous emails. It is also critical to implement a strategy that blocks them from entering your environment altogether.

Spam Filtering

Businesses use several types of protection to safeguard against hacking, viruses, and phishing emails, but the most common solution is email protection. Email protection is commonly known as “spam filtering,” because it thwarts possible attacks by filtering out malware and junk email before they reach your inbox. Spam filtering works in the following ways to safeguard your inbox from malicious emails:

  • Content Filters – A content filter automatically scans the content of email messages for suspicious keywords and phrases. For example, creative misspellings and an imbalance of the image to text ratio are common identifiers.
  • Sender and Location Filters – Sender filters check the sender’s IP address and other location information against a list of known spammers, hackers, and virus makers.
  • Rules-Based Filters – Rules-based filters use pre-set rules or rules created by the end users to filter out messages containing specific words or phrases, messages received from a specific sender, messages from a specific website, etc.
  • Attachment Filters – In addition to scanning an email’s content, attachment filters check attached images and files for viruses, executables, or extra code that could result in an unintended action. Many modern email clients also disable services like Flash and JavaScript for additional security.
  • Permission Filters – Permission filters require the recipient to approve the receipt of inbound emails. Although this strategy is effective, it does require additional time. Permission filters may also include a challenge-response system that requires the sender to answer a “challenge” (usually a password) to pass the email through the filter.
  • Outbound Mail Filters – Some solutions filter outbound email as well as inbound email. This helps reduce the risk of your employees inadvertently propagating a virus.

Develop Procedures and Train Employees

The final component of effectively protecting your business from email threats involves educating your employees and developing mitigation procedures in case of an attack.

  • Train Employees – Train your employees how to recognize suspicious messages. Review the risk factors and test for understanding. Don’t forget to address other security measures currently in place. For instance, employees often disable anti-virus programs, enable administrator privileges, or close warning messages without realizing the risks.
  • Implement Mitigation Procedures – Develop a procedure to address what steps an employee should take if he receives a suspicious email. This process could include alerting your IT department or quarantining messages in the email server.
  • Take Additional Security Measures – In addition to spam filtering, make sure your business has a solid anti-virus and backup/disaster recovery solution in place in case of a virus infection or data breach.

Although it is impossible to protect your business from every threat, deploying an anti-spam solution and proper employee training will greatly reduce your risk. Call Xcel Office Solutions today at (405) 748-4222 to learn more about our managed IT services.
