290B Parker Farm Road, Buxton, ME 04093
(207) 929-9149 (ph), (866) 459-5150 (fax)
Scott Nason - Director of Technology

Thursday, March 16, 2017

Is this a malicious email and what to do with it?

I apologize that this blog entry is so long, but it is extremely important that you understand the subject.

While the Internet is still loaded with viruses and malware of all sorts, the most common security issue today is malicious emails.  These emails look like legitimate emails from Google or Apple, but are actually faked, with the intention of getting you to give them permission to access your system or account.  

One form is the phishing email.  It is intended to get you to type in your credentials for an account so that they can then hijack it.  For example, it might look like an email from Apple saying that a new email address was added to your account, and that if you didn’t do that, you should click this link and type in your Apple ID.  But the email wasn’t from Apple.  As soon as you type in your Apple ID and password, the perpetrators have them and can hijack your account.

Another form of malicious email is one with embedded or attached malicious software.  These emails have a small software program that alters your computer to give them access.  One form of these emails will have an attachment.  The email might say “here is your receipt” or “here is a photo of you” and ask you to open the attachment to see it.  But the attachment has software embedded in it, and by clicking the attachment, you have just given them administrator access to your device.  From there, they can do anything they want.

Or the email might have a URL link that they want you to click on.  In reality, that link runs software that is embedded in the HTML message where you can’t see it.  Again, by clicking the link, you (as the device administrator) are giving them permission to run this malicious software.  One of the worst forms of this is called ransomware.  Ransomware encrypts the contents of all of your folders, including any attached disks, and demands that you pay a fee to return it to normal or you will lose everything.  At that point it is too late.  If you don’t have an offline backup, you have lost everything.

So what can you do?  
The most important thing you can do is have a backup of all your important information.  That backup could be a “cloud-based” backup, like Google Drive, Dropbox, iCloud Backup or something similar.  There are dozens of good ones to choose from.  Or you can use an external (usually USB) hard drive as a backup.  It is best to keep all of your important files in one or two folders, like Documents and Photos.  You really don’t need to back up everything on your device, just those important things that are hard to replace.  Music libraries, while important to you, can be recreated and they take up a lot of space.  If you have a lot of videos, I suggest using the external drive.  They can take a lot of space and you might have to pay extra for that much cloud backup.

Get in the habit of doing backups!  If you generate a lot of new material every day, then maybe back up daily, but most people would do fine with a weekly backup.  Maybe that becomes a weekend chore.  Also, if you use an external drive, DO NOT leave it plugged in all the time.  Only plug it in to do the backup and then unplug it.  Ransomware often encrypts every connected drive.

Next, be very critical of every email.  If you don’t know and trust the person sending it, then NEVER CLICK on links or attachments.  Don’t fall for first names only.  Always be sure where the email is coming from.  Be suspicious of emails from places like Apple, Google, Yahoo, etc.  It is very easy to copy logos and make the email look official.  If you get such an email, NEVER CLICK the link to log in.  ALWAYS open a browser and go to their website to log in.

Here is a good example of what they can do.  Below you will see two URL links.  They both look the same.  But if you click on them (Yes, you can trust me) you will see that they go to two different places.  Keep in mind that the text of the link that you see can be completely different than the actual link that is embedded in the email….

There is another trick you can use to check out links without actually clicking on them.  Often, if you just hover your mouse over a link, the browser (or other applications like Outlook) will show you the actual link, not what you see.  This is especially important because if you look at the actual link and see a .php or .js in it, that is actually an embedded software program.  Be suspicious!

To sum up….

  1. Backup!
  2. Backup!
  3. Backup!
  4. Never click the link unless you are sure of its source.  Instead go to their web page and log in that way.