“You are hereby notified that you must vacate your home within a ten-day period. The bank has already foreclosed on your residential property and you are a trespasser now. Please find our contact information and the bank statement attached to this notice.”
We’ve all had phishing emails like the one above appear in our Inbox. Hackers use language to cause alarm, hoping victims stop thinking long enough to get suckered in. They have an advantage because most users will trust and open emails that come from someone they know. Clever methods are used to hide the fact that the attached files contain malicious links and viruses.
How do I know if an email attachment is safe? Can opening an email cause a virus? Is it safe to open Microsoft Office files from a friend? Which file extensions are safe to open? Which file types should never be opened? How can I tell if an email is a phishing scam? Should I do anything after I download a file? Is there a procedure or checklist to follow?
Email attachments are one of the most common ways to get malware. Nobody wants themselves, their loved ones to become a victim of a scam. Business owners want to protect systems from malware and data breaches. Fortunately, there are effective and straightforward steps to help anyone become a pro at spotting nasty attachments.
How to Tell If an Email Attachment Is Safe
Open the email
How can I tell if the attachment in the email I just got is safe or not? The message in my inbox appears to be something important from Apple. The subject gives the impression that there was an account change. There’s also an attached Word document titled “Apple-locked” something. The attachment could be a virus, but I’m not sure. What do I do?
Don’t open the attachment just yet. We need to open and verify the email first.
It’s relatively safe to open an email from the outset. In the past this was considered an unsafe practice because email messages could contain scripts. JavaScript could make online mail more interactive, but also allowed hackers to insert nasty code. These days, email clients no longer support scripting. Most will even prohibit images from being shown if the sender is an unknown source.
Click or tap the email to open it for review. There’s no way to verify without opening the email, so just do it.
Look at who sent the email
Checking the sender information before opening attachments is the first step. Recognizing the sender may not be enough however, as shown later in this guide.
Double-check the sender’s email address
To indicate where a message came from, an email client will typically show the sender’s address near the top. The address will have a display name for the sender, which is followed by the specific address in angled brackets. For example: John Smith <[email protected]>.
In some email clients, the display name is shown but not the address. Hackers use this advantage and put legit email addresses in the display name to fool the recipient. Always tap to reveal the full sender information. This is not uncommon on Android smartphones and tablets, iPhones, iPads and other mobile devices.
Don’t open unexpected attachments, even if the sender is legit
Email accounts can be compromised. When I receive an email with a weird looking attachment, I’ll email or talk to the sender. If they got hacked, they’ll appreciate knowing so they can get their account back. They can also get in touch with anybody else on their contact list who may have received such an email.
Email addresses can also be spoofed. Email spoofing is where the sender address is forged. This type of phishing attack is designed to gain the reader’s trust. They then seek to steal personal information, infect devices with viruses or to ask for money.
Only open email attachments that are expected. If the message seems suspicious, it’s okay to ask the sender about it. The same advice applies for clicking links and replying to an email.
Look at the file type on the attached file
What is a file type? It’s a name that’s given to a certain kind of computer file. Think of documents, images, videos, executables, zip archives and the like. There are hundreds of different kinds and some file extensions are more common than others.
Attachments or files can contain ransomware, trojans, adware, botnets and other types of malicious code. Not all file types are dangerous, though. Certain file types need to be put under more scrutiny than others.
File types that should never be run
Never run files with any type of executable extension on it, or at least use extreme caution. These file types can contain malware and viruses in their coding. Watch for the following file extensions:
.ade .adp .asf .bas .bat .chm .cmd .com .cpl .crt .exe .hlp .hta .inf .ins .isp .jar .js .jse .lnk .mdb .mde .mov .msc .msi .msp .mst .pcd .pif .psc1 .reg .scr .sct .shs .swf .url .vb .vbe .vbs .wsc .wsf .wsh
File types to be careful around
Microsoft Office files and PDFs can contain hidden macros and scripts. The scripts can run if the user hits “allow macros” on the document. From there, the macro may install keyloggers or other types of malware. Office documents and PDFs can contain malicious links as well. Watch for these extensions:
.docx .xlsx .pptx .pdf
A compressed file is any file that contains one or more files or directories. The contents, once extracted, are larger than the compressed version. Anti-virus software can have difficulty scanning the contents of these files, especially if they’re password protected or encrypted. As a result, they may contain viruses. Most users only think about the .zip extension when asked about compressed files. There are other types of compressed out there. Here are some examples:
.zip .rar .7z .arj .cab .pkg .tar.gz .tgz
File types that should be safe
Music, images and videos are generally considered okay to open. Extensions in this category are:
.mp3 .wav .flac .aac .gif .jpg .jpeg .tif .tiff .mov .mp4 .mpg .mpeg
Interestingly, .txt files are totally safe. Just watch out for the double-extension trick!
Watch out for double-extensions
One gimmick a hacker may try to use is called the double-extension trick. Even though it is a huge security risk, Microsoft and Apple both hide file extensions by default. The image001.jpg file sitting in the downloads folder may look innocent enough. I may be unaware the full filename is actually image001.jpg.exe. If I open it, it’ll run as an executable.
To counter this, some use risky techniques like looking at the file’s icon to see if it makes sense. The thinking is that if the file looks like an image, then it’s likely an image. This can work sometimes, but this can be easily faked by hackers. If there’s any question, check the file’s properties by right-clicking the file. This can be done in Windows, on a Mac and most other operating systems.
Make sure the email isn’t spam
Before downloading an attachment, make sure it isn’t spam or some type of phishing attack. Phishing attacks are something to always be on the lookout for, particularly in email.
Hackers send a constant barrage of official looking emails with alarming subject lines in order to lure victims in. They are great impersonators. Who wouldn’t be alarmed when receiving an email from PayPal saying their account is limited? Or that an unknown device has been using my account? Thieves know exactly how to manipulate people because it works.
The best advice here is to look the email over before reacting. Challenge it. Hackers are constantly coming up with new tricks to steal data, so keep an eye out for these signs:
If I have any doubt as to whether the email is a scam or not, I don’t click links or download attachments. It’s as simple as that. It’s better to type the address in myself, log in and verify. Worst case, I’ll call the organization before clicking.
Download the file
When I feel comfortable that a file passes the quick safety checks, I’ll download it. If there’s any lingering worry, the file can be manually scanned by an up-to-date anti-virus program. As an extra precaution keep the operating system (Windows, Mac, etc.), mail clients, PDF readers, and virus protection updated. Never disable an anti-virus when trying to open an attachment.
Additional strategies that help
Here are more ideas to use to keep safe from malicious email attachments:
How to Keep Personal Information Safe Online
Your Social Security numbers, credit cards, online passwords may be at risk. Here are 12 ways to keep personal information safe on the Internet.
There are many threats awaiting in the Inbox. One could worry that their loved ones are at risk of being taken in by a phishing scam or getting infected. For peace of mind, share and follow these generally accepted email security practices.
Leave a Reply