Malware
What is email malware?
Email malware (malicious software) is a software program or code sent as an attachment or URL in an email, intended to infect the target user's computer and compromise sensitive data. Cybercriminals use different types of malware to take control of a user's system, track their usage, extract sensitive data, and demand a huge ransom to return their data. All email users should therefore be educated about malware, its types, and the consequences of a malware attack, so that they can protect their email accounts and computers from being compromised.
What are the types of email malware?
There are different types of email malware that fraudsters use to hack into a user's system. To mention a few:
- Adware - Advertising software (adware) reduces the security levels of the user's computer to publish irrelevant ads. Viewing too many unnecessary ads and pop-ups will diminish the user experience and productivity to a great extent. Adware can also remember the user's browsing patterns and display ads based on their usage history, thereby deceiving the user into purchasing products over the internet.
- Botnets - A botnet is a network of computers that are already infected by malware. Fraudsters can control these botnets through remote sessions, and users never get to know that their system has been hacked.
- Keylogging - Keylogging is a method in which attackers record the user's keystrokes by installing spyware on the user's computer. Once the spyware is installed, the hacker can gather sensitive user information such as login credentials, account numbers, etc.
- Ransomware - As the name suggests, ransomware locks down the user's system and encrypts the user's data. The attackers then demand a huge payment to decrypt the data, or threaten to leak the sensitive information on the web.
- Spyware - Spyware is a kind of malware that hides and runs in the background with the sole purpose of spying on the user's actions. Without the user's knowledge, spyware tracks the activities done by a user and collects their personal information such as login credentials, financial records, etc.
- Trojans - One of the malware types users are most vulnerable to is the Trojan. It disguises itself as trusted software and tempts users to download and install it on their systems. Once installed, trojans stay within the system to work around the security measures taken by the user and further infect the entire computer.
- Virus - The most commonly known and dreaded malware type across all sectors is the Virus. Fraudsters attach the virus as a file in an email. Once a user falls for the bait (opens or downloads the file), the virus executes itself (similar to macros). It then quickly spreads across the system and infects other clean files and damages the system by deleting or corrupting the core files.
How to identify malware in emails?
The first step in identifying malware is to stay vigilant while opening emails. Look for discrepancies in the email and try to determine whether it is clean or contains malicious content. While there are many ways to recognize malware in an email, it is recommended to pay attention to the points given below:
- Sender email address - Ensure that you know the email sender, or that the domain from which you received the email is a trusted one.
- Personal information - If the email requests you to reconfirm your identity to prove ownership of a dormant account, do not click on any URLs or open the attachments in such an email.
- Unsafe attachments - Validate the file name and the file type before opening any attachments.
- Unsafe URLs - Hover over a URL before you click it. Ensure that the destination the link actually points to is the same as the one displayed.
- Warning/sense of urgency - Emails carrying malware tend to contain a warning message asking users to complete certain steps within a short duration, take necessary actions on their account, etc. Do not fall prey to email content that creates a sense of urgency.
- Recipient list - Check the recipient list for any known users and collaborate with them before you follow the instructions given in the email. This also helps to prevent your other team members from becoming a victim.
In all the above circumstances, users should try to validate the trustworthiness of the email and then take appropriate action (delete, mark it as spam, etc.).
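The "Unsafe attachments" and "Unsafe URLs" checks from the list above can also be automated on the receiving side. The following is an added example, not part of the original page: the names `triage`, `LinkCollector` and `sample_message`, the `RISKY_EXT` list and the `example.*` addresses are all assumptions made for the demonstration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

RISKY_EXT = {"exe", "scr", "js", "vbs", "bat", "cmd", "docm"}  # assumed list
HOST_RE = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)")

class LinkCollector(HTMLParser):  # collects (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip().lower()))
            self._href = None

def triage(raw):  # returns a list of findings for one raw message
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():  # "Unsafe attachments" check
        name = (part.get_filename() or "").lower()
        exts = name.split(".")[1:]  # every extension, so "a.pdf.exe" is caught
        if exts and exts[-1] in RISKY_EXT:
            kind = "double-extension" if len(exts) > 1 else "executable"
            findings.append(f"{kind} attachment: {name}")
    body = msg.get_body(preferencelist=("html",))
    collector = LinkCollector()
    collector.feed(body.get_content() if body is not None else "")
    for href, text in collector.links:  # "Unsafe URLs" check
        shown = HOST_RE.search(text)
        actual = (urlparse(href).hostname or "").removeprefix("www.")
        if shown and actual and shown.group(1).removeprefix("www.") != actual:
            findings.append(f"link text names {shown.group(1)}, target is {actual}")
    return findings

def sample_message():
    m = EmailMessage()  # constructed sample, not a real message
    m["From"], m["Subject"] = "billing@example.net", "Action required today"
    m.set_content('<a href="http://accounts.example.net/verify">'
                  "https://www.example.com/login</a>", subtype="html")
    m.add_attachment(b"x", "application", "octet-stream", filename="invoice.pdf.exe")
    return m.as_string()
```

Calling `triage(sample_message())` reports both the double-extension attachment and the link whose visible text names a different host than its target. Links whose text contains no hostname, such as "click here", are not compared.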
How to prevent a malware attack?
Fighting malware attacks is an ongoing activity for all businesses that use email as their professional communication medium. While it is well known that malware attacks are unavoidable, organizations can follow certain best practices and take preventive actions to evade them.
Best practices
Some of the email usage best practices to avoid falling prey to malware are listed below:
- Deploy a robust cloud-based email security application for your organization and set up strong email policies.
- Do not click any links or download attachments in an email that has come from an unknown sender.
- Visit only those websites that you trust. Websites can save cookies and track user behaviour.
- Exercise caution if an email requests you to enter your personal information. Do not provide personally identifiable information over normal emails. Make use of SecurePass email.
- Do not share your email address in open forums and communities.
- Pay attention if you see an executable file in email attachments. It is recommended that you do not open executable files from emails. Reach out to your organization's system administrator for the appropriate installation file.
- Conduct periodic awareness training sessions for your organization's users to keep them updated on the latest types of attacks and the methods to evade a malware attack.