They turn up like buses. You may not see any for a couple of days but sure enough you'll have loads waiting in your inbox. They're a nuisance but more importantly they can be very very dangerous. What is it? Spam.. Junk and unsolicited emails.
Obviously the best thing to do with them is just hit delete. They are either tell to sell you something or steal something.
The best form of anti-virus/anti spyware program around is YOU but it's hard to know what's legitimate these days and difficult to see through the scams. Here are a few pointers to think about.
- Is the email for you?
- Are you waiting for something relevant to the message content?
- Never open an attachment unless you know it's safe?
- Never follow a link provided to you in an email unless you can prove that it is legitimate before clicking it.
Believe it or not but Outlook does try and protect you from unsafe email attachments but there are a few common attachments that you should always consider as unsafe. Attachments can come in all shapes and sizes and file types. File types are the important part as they tell Windows what to do with them when they are double clicked. Double click attachments can be where the problem starts.
Consider the following filetypes as Unsafe attachments:
- .htm - This is normally associated to your web browser and when opened (double-clicked) can take you anywhere
- .html - Same as above
- .exe - This is an application. When double-clicked you are letting the program run and do what ever it's programmed to do.
- .cmd - This is a list of commands that run one after another. It can contain very damaging commands that can cause serious problems on your PC
- .bat - Same as above
- .vbs - Same as above
- .doc, .docx, .dotm, .docm - Word documents
- .xls, .xlt, .xltm, .xlsm - Excel documenets
- .iso - Disk Images and archive
- .ps1 - Powershell scripts
Surprisingly our favourite office files can also contain malware. Any office document, word, excel, powerpoint etc received as an attachement should be considered as unsafe. The office software tries to prevent any malicious code within a document by executing when it displays the yellow bar across the top of the document "enable editing". If in doubt, ask/delete.
.htm and .html filetypes as mentioned above are associated with your web browser. If an email asks you to open the attachment to retrieve an invoice or statement then you should be cautious. If the email was legitimate then they would provide you a direct web link to the statement within the email message NOT as an attachment.
Emails should be considered junk if...
- ..it's not from a known member of staff - Don't be fooled into doing something because an email came from email@example.com. There is no firstname.lastname@example.org, nor is there one within the Valbruna Group. All emails requiring action have all come from an individual member of staff with exception to email@example.com.
- ..it's from a member of staff but not relevant to anything to do with work. i.e. You need to do something for UPS cos they've emailed an invoice and there's a package waiting. Ask yourself: Are we or who is waiting for a package?
Emails to be weary of
It's very easy for an email to look official. It's also very easy for a web link to send you to what looks like an official website. The main objective of this is to steal your username and password. It's more commonly known as Phishing.
Never trust a link given to you unless you can prove to yourself that the link is legitimate.If you are in any doubt then always type in the web address into your web browser manually. This ensures you are going were you want to go - Not where someone else wants to take you.
Consider you bank with Barclays Bank. Searching on Google tells you the web address for them is: www.barclays.co.uk
If you receive an email requesting you reaffirm your security details by logging in and the provided link in the email looks similar but is not EXACTLY like the above then it's almost certainly fake.
Think Roy Walker and Catchphrase - "It's good but it's not right!".
DO NOT CLICK ANY LINKS BELOW. THEY ARE PROVIDED FOR INFORMATION ONLY.
Here's a few examples to help. Use your mouse a put the cursor on the links and see what happens.
www.barclays.co.uk - This is a standard web link to a standard web page. Nothing to worry about here.
Barclays Bank - This is a descriptive link. It's easier to read but doesn't tell you were you are really going. Put the mouse on "Barlcays Bank" for a moment and it will show you were it will take you. If yo've done it right it will say http://www.barclays.co.uk
Barclays Bank - This is the same as above... ...but is it? Absolutely NOT. Why? Put the mouse over "Barclays Bank" and see where it's going to take you? Did you see: http://im.going.to.steal.your.bank.details.com/securelogin/login.html
(you can click the above link if you wish as it will not take you anywhere).
Well that one is pretty obvious it's not barclays bank but be warned people are cunning and they will try anything to make you click those links.
The next example shows you how similar things can be but trust me. They are still very very different.
Barclays Bank - It looks a little odd being http://_www.login.barclays.com/securelogin but there are questions to ask.
a. Is the domain name correct? Is the web site you want to visit a .co.uk or a .com or a .org. Making sure is always a safe bet.
b. Have you ever seen an address like that from your bank? I would say no so consider Step 1 above.
There is one last thing to be aware of. As you've seen above you can be given web addresses or descriptive links in emails. The last one to watch for is a descriptive link that looks like a web address which doesn't take you were it says it will.
Use the mouse to hover over the web link to see where it will take you. If it doesn't match then walk away.
We received your request to reset your valbruna-uk.com password. To confirm your request and reset your password, follow the instructions below. Confirming your request helps prevent unauthorized access to your account.
If you didn't request that your password be reset, please follow the instructions below to cancel your request.
CONFIRM REQUEST AND RESET PASSWORD
Click on the following web address:
CANCEL PASSWORD RESET
Click on the following web address:
Did the weblinks go where they said they would? NO!
actually takes you to
REMEMBER If it doesn't look right than use google to search for the site or type it in manually from a known good source.
Web addresses and domain names all following the same format: domainname.location i.e. valbruna.co.uk, valbruna.com. Domain names are also read backwards. Each section between the dots is taken as a single element. When you want to goto facebook.com your computer first finds com and then facebook. The important part of any domain/web address is the name preceeding the location.
Domain names are unique www.barclays.co.uk is not the same as www.barclaysbank.co.uk and they could be owned by different people. They may well take you to different places on the internet. The later may well be owned by unscrupulous people trying to steal your money.