By: Joe Vassalotti, Systems Engineer
Scammers and potential hackers these days are getting cleverer and trickier – a new virus scam going around will lock your files and force you to pay the scammers to have them unlocked. Pretty standard stuff, right? Well, the new version comes with a catch – if you go and send the virus to two other people and they pay the ransom, your files become unlocked. While some of us may not want the season of giving to be over, we should all do our best to not pass the headache and frustration around that comes from being hacked or infected with a virus.
Emails that seem suspicious likely are – if you’re not expecting an email from someone you do not know or are not awaiting an email from a sender that comes with an attachment or asks for you to go to a link, then the safe thing to do is just delete it.
It can be easier said than done, though, to just delete the emails, but it’s the safest bet for you and your company’s data.
Some emails from potential scammers mask themselves as an email coming from someone within your company – known as a spoof email – and look legit and safe to open. Though tempting to just download the attachment or open the file, if the wording in the email or name of the file is suspicious, don’t open it. It’s easier to go back to the sender and ask if they really sent the email than it is to try and stop the virus.
A trick to see if the email really is from a co-worker is to double click on the email in question, select the File tab and then select Properties. You’ll see a box pop up with information such as Internet headers. Looking at that information is key because it will show information confirming if the email was really sent by the sender or if it was a spoof email. The “from” area may have the name of the person you know, but the email address next to it will be the signal if it’s real or not. If you see the sender’s real email address there, then it was indeed sent by the sender. However, if you see an email address you don’t recognize, then it’s someone who has spoofed the email.
Oh, and those URLs included, hover your mouse over the link and see if that URL is really pointing to what the link text says and check to make sure it’s not pointing to a different site altogether – or one being masked as a legit site. For example, scammers might try and get someone to click a link that appears to be from Microsoft – the URL would look like Microsoft.randomname.com. If it was a real Microsoft link, it would end with Microsoft.com.
Those are just some pointers to keep in mind when you receive an email that seems suspicious or too good to be true.