A lot of people get caught out opening emails and attachments that contain viruses, and this compromises the security, reputation and integrity of their business. This blog article is all about how to prevent yourself from being affected by phishing scammers and fake emails, and what to do if you find that you’ve been affected.
Step 1: Check the Sender’s Email Address
Before you open an email, check the email address of the sender. If the email address is not one you are expecting, or recognise and trust, it is better to play it safe and put the email straight in the trash folder without opening it. You should also check if an email is supposedly coming from an Australian Government organisation, it should have “.gov.au” at the end of the email address, and Australian educational institutions should have “.edu.au” at the end of the email address. Simply opening an email could put your computer at risk of virus infection, so be careful!
Step 2: Check the Subject Line
Before you proceed to opening an email, if you’ve decided that the sender’s email address doesn’t look suspicious, your email client should show a subject line from the sender. The subject line will usually briefly explain what the email is discussing in the main body, so if the text doesn’t say something you would expect to see, it is better to contact the person who sent you the email and ask about it before you open the email. Some email clients also give you a brief preview of the contents of the email without you actually having to open the email at all, and you may be able to adjust this view in the settings of your email client.
Step 3: Attachments and Links
If you’ve decided that you want to open an email, but you still have some reservations, proceed with caution. Spammers and scammers will often put in hyperlinks and attachments hoping that you will click on something that will infect your computer. If an email looks like it has suspect content, it is better to simply not open any attachments or links and put it in the trash folder. When it comes to links, you can hover your mouse over the link without clicking on it, and a temporary textbox will appear showing you the address where the link will take you if you click on it. You can use this approach to judge whether or not a link might be safe to click on. Unfortunately, you have no such luck when approaching attachments. Any click on links and attachments comes with a serious risk that your computer could be compromised, so please proceed with caution and only open those that come from people you know and trust.
Step 4: What to do if You’ve Been Affected
Okay, so you’ve opened an email that has affected your computer. If this is a phishing attack and your email address is sending emails to people that you did not send (if you are unsure, go to your sent folder and see if there is anything in there that you did not send yourself), the first thing you’ll want to do is change the password of your email address and select the settings in your email client to log out of every device that your email is currently logged into. This will log out the attacker, and then they will be unable to log back into your email account because you’ve changed your password. After you feel satisfied that this has been completed, it is important that you inform everyone who received an email from you (that you did not send yourself) not to open the email, and that your email address was hacked. This is especially important if your business handles any personal, financial or sensitive data of your customers.
If you suspect that the attack may have contained a virus and compromised your computer or device, you’ll want to change your password and log out of all devices in the same way as with handling a phishing attack, but you’ll also want to run virus and malware scans immediately afterwards. However, this is not a guaranteed fix; as viruses, malware, trojans and worms are always evolving, and your particular set of antivirus software may not be able to recognise them, particularly if they are not updated regularly. It is also possible for a virus to disable or partially disable some functionality of your antivirus software, so that it appears nothing has changed. If you suspect you’ve been hit with a virus, you’ll want to contact your IT Professional and explain the situation to them, describe any peculiarities your device is experiencing, and request a professional scan and inspection of all potentially affected devices.
This is also one of the services that our business offers, so if you don’t already have a dedicated IT Professional for your business and you suspect that one or more of your devices may be compromised, please contact us for assistance and we’ll be happy to help.