I originally wrote this as a reply to a Reddit post but as I saved it, comments were blocked.
I received an email this morning. I’m actually expecting a package that has been held for some time and when I saw it, it seems potentially legit at first. But then I realized that I don’t use my work email for personal things like that. When I saw that it came from someone who didn’t have a UPS email address, and there is a .zip attachment. I don’t know for sure that this attachment has a virus or any kind of malware, but I won’t take the chance on company hardware.
In the past few months ransomware such as WannaCry has been a big thing in IT news. It is a program that encrypts (locks) your documents and files so that you can’t use them until you pay someone a ransom. Like a virus, then often move from machine to machine on a network. How do these things start? They usually start with emails like this one. Someone opens an attachment that they think is legitimate and then they find that they can’t use their data anymore and if they don’t have backups, then they might be out a lot of money. If it happens on a corporate network, they could be out millions.
How can you be safe?
- Don’t open attachments that you aren’t expecting.
- Be smart about email. If you don’t know who the email is from, never open an attachment.
- Report suspicious email like this to your Information Security team or Email administrator so they can be blocked in the future.
Malware attacks happen, but they don’t have to happen to you. A bit of savvy about how these things works can save a lot of headaches.