Security Reminder - be careful with emails.

I am regularly asked about whether it is safe to open an email.  Today's blog explores what is safe and what is not.

Hackers Think Employees are the Weak Link

A great deal of malware can sneak into a network this way.  Hackers used to try to force their way through firewalls.  But security has gotten so strong there that the new preferred method is luring a gullible employee on the inside to let them in.  Don't be that employee.

Gmail Provides Some Protection

Fortunately, there are a number of things in place to protect you.  With Gmail, you cannot be infected simply by opening and reading an email.  Gmail does not allow any scripts to run in emails.  You also cannot be infected simply by viewing an attachment.  The Gmail viewer prevents scripts and executable files from running in an attachment.  In fact, Gmail even prevents someone from sending you an exe file.

That said, you can receive a dangerous email attachment, download it, run it, and then infect your computer.  Hackers can send attachments with dangerous macros, or scripts, or hide an executable file inside an encrypted Zip file.  Do not download and run attachments unless you are sure of the sender and what is being sent.  Even a Word Document can contain macros that can harm your computer if you download it and try to load it in MS Word. If you have any doubt, run it by the help desk.

Links are Risky

Hackers are nothing if not inventive.  Because it is difficult to infect a users via email, many hackers might send you a link in an email to go to another site. This site could very well be infected by malware that can install itself on your computer.  DO NOT CLICK ON A LINK UNLESS YOU ARE SURE OF WHERE IT LEADS.

If you put your mouse over a link, it will show you the address where it leads.  This may be different from the address in the text of the link.  If it is different, that is a big red flag.  Also, if the address has "php" in the address, that is an indication that the site will attempt to run a script.  Again, that is a big red flag that usually means stay away.  Again, the help desk can check out a link if you are the least bit suspicious.

You may get an email that is what is known as a fishing attack.  This is where a hacker is fishing for information that will help him get into our network through other means.  For example, say you get an email from PNC bank that leads back to a link like this:  

http://www.pnc-support.com/login

You click on the link and see a login for your PNC account.  You enter your name and password.  You have just given the name and password of your bank account to a hacker.  Why?  www.pnc-support.com is not a valid domain.  Notice the hyphen between "PNC" and "support".  That means it is all part of the same word, not broken up by a dot.  Anyone could register such a domain and put a fake clone of the PNC web site there.  You enter a name and password, which is collected, then they say you entered it wrong and re-route you to the real web site.  You log in and are none the wiser. Hours later, or maybe minutes later, someone withdraws all the money from your account and transfers it to Russia.  Good luck getting it back. (The link in this example is one I just made up.  It does not really lead anywhere and will not harm your computer).

This is why email links can be very dangerous.  If you are not 100% certain of the sender, don't click on anything.  Even a sender you know could have its email hacked in order to send you dangerous link.  This does happen regularly. Even if you know the sender, if the wording of the message seems odd, or a link seems suspicious, don't fall for it.

ABA Article on Ransomware

The ABA Journal recently wrote an article about Ransomware, a trend where hackers introduce malware to encrypt all the files on your computer (or the entire network) then demand payment to unencrypt them again.  This is a serious threat.  Many companies have been hit by this.  If you care to read the full article, you may do so at this link.  (I promise this is a valid and safe link.  I'm not trying to trick you).  At the end of the article is a link to a quiz, which you might find interesting.  That link is also valid and safe.