Dealing with suspicious and malicious emails

Over the last few months there has been a significant increase in the number of suspicious and potentially malicious emails. These are more than just annoying “spam”: they are emails that can cause damage to software, sneak rogue programs into your system (trojans), compromise security by gaining access to secure usernames and passwords, and even mislead employees into paying seemingly genuine invoices. We are taking this opportunity to contact all Magma customers and any associated business contacts with some tips on how to both identify and deal with any potentially harmful emails that they may receive. Below is a short guide; hopefully it will prove useful.

A number of Magma customers enjoy clean email thanks to our SpamTitan Cloud platform, which ensures that 99.9% of harmful emails are kept well away from where they can do damage. SpamTitan allows customers to analyse any suspect emails safely and at leisure, to whitelist, blacklist or just ignore. That way you only get the emails you want to receive.

If you are not already enjoying the benefits of significantly cleaner email, give us a call to discuss.

Dealing with suspicious and malicious emails

Spotting a malicious email can be tricky, even for the most tech-savvy of people. Even with measures in place to block spam, some legitimate-looking messages may still manage to make it through. There are, however, a few simple steps you could take to ensure you, or your organisation, are not compromised.

The different types of spam emails

Here are a few well-known “types” of malicious email and how they differ:

Scams: Intentional deceptions made for gain, or to cause damage through email. For example: “You are a winner of our £1,000,000 lottery fund! Click here to claim your reward.” These rely on the recipient being tricked into getting involved.

Spam: Also known as junk email, designed to trick you into thinking their message is worth reading. For example: “Great value medical store!” These are more an annoyance than a risk, generally attempting to sell you something.

Hoax: Warnings about a non-existent threat, or an offer that sounds too good to be true. For example: “Your LSE account will be deactivated in 24 hours unless you confirm your email address and password.” These emails are designed to spread fake news for one reason or another by attempting to get as many people involved as possible. Usually these can be debunked with a brief search of the internet.

Phishing: Pronounced ‘fishing’. Phishing emails try to entice you into disclosing personal information, such as your username, password or bank account details. For example: “You have been given a tax refund. To help us process your payment, please click here and enter your name, address, phone number and bank details.” These can be very dangerous, as entering your personal data immediately discloses it to the sender, and it will likely be used for illegal activities.

Trojan: This is where the email contains a file / document or a link to a file / document that if clicked on will allow a small program to be installed on your PC without you being aware. This in turn can give another person access remotely, collect sensitive data such as usernames and passwords, or allow them to monitor what you are doing in real time. These are classed as a virus, and most anti-virus applications will identify and block them. These are dangerous to receive and need to be deleted from all mailboxes where they have been received.

Virus: Simply put, this is an email with an attachment or content that will aim to damage your operating system or lock you out of it completely. In some cases, a ransom may be demanded to remove it, but most of the time it’s just going to cause you a lot of wasted time and effort.

Spoofing: When the sender address of an email has been altered to hide its true origin, used by virus and spam authors to make their emails look legitimate and lure people into clicking on links or downloading attachments. For example: The email looks as if it is from one address but is actually from a different address. These can be risky if the recipient isn’t paying attention but are easy to avoid.

How to spot a suspicious email

Look at the sender’s email address – Email addresses can be easily spoofed to look like someone you know, or they could be subtly different, with a misspelling or a different country or domain (Support@example.com.ru or support@microsofts.com).

Look at the Subject line – Does it create a sense of urgency? These are typically viruses. Does it have a single word in it but appear to be a response, like “Re: Document”? This is also a telltale sign of a virus.

Look at the body of the message – If the sender is a recognised sender, does the message follow their usual emailing style? Does it have a salutation? Is it directed to you specifically, or is it generic (“Hi,” vs “Hi Adam,”)? Does it have a signature for the person who sent it? Does it match the name of the person you identified in the email address above? Does it have the company’s contact information and/or graphics that you’ve been accustomed to seeing if you’ve received mail from them before?

Look at the content of the body – Is it just asking you to open a file or go to a website link? Does it have ‘syntax’ gone wrong?

Look at the direction of the message – Does it ask you to open the attached file? Does it create a sense of urgency? With viruses, the purpose of the body is to entice you to open the attachment. A common method is by fear and urgency.

Look at the attachment – Is it a zip file? Is it a PDF? Is it a docx or doc? How big is it? If it’s really small, around 1kb to 22kb, it is most likely a virus. Couple this information with the identifying marks above and you will have a very good indication that it’s a virus.
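The checks in this list can be expressed as a small mail-triage script. This is an added example, not code from Magma or SpamTitan; the trusted-domain list, the urgency word list, the finding names and the `sample` helper that builds constructed test messages are assumptions.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

# Assumptions for this sketch: the trusted list and the urgency word list.
TRUSTED_DOMAINS = {"example.com", "microsoft.com"}
URGENT = re.compile(r"\b(urgent|immediately|right away|within 24 hours)\b", re.I)
GENERIC = re.compile(r"(hi|hello|dear (customer|user|sir|madam))\s*,?", re.I)
DOC_EXT = (".zip", ".pdf", ".doc", ".docx")

def lookalike(domain):  # untrusted domain with a label that nearly matches a trusted name
    if any(domain == d or domain.endswith("." + d) for d in TRUSTED_DOMAINS):
        return False
    names = [d.split(".")[0] for d in TRUSTED_DOMAINS]
    return any(SequenceMatcher(None, label, n).ratio() >= 0.8
               for label in domain.split(".") for n in names)

def triage(raw):  # returns the warning signs found in one raw message
    msg, found = message_from_string(raw), []
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if lookalike(domain):
        found.append("lookalike sender domain")
    text = subject = msg.get("Subject", "").strip()
    if re.fullmatch(r"(re|fw|fwd):\s*\w+", subject, re.I):
        found.append("single-word reply subject")
    for part in msg.walk():
        name = part.get_filename()
        if name:  # attachment: flag the listed file types at 1 KB to 22 KB
            size = len(part.get_payload(decode=True) or b"")
            if name.lower().endswith(DOC_EXT) and 1024 <= size <= 22 * 1024:
                found.append("small attachment")
        elif part.get_content_type() == "text/plain":
            body = part.get_payload(decode=True).decode(errors="replace").strip()
            text += "\n" + body
            if GENERIC.fullmatch(body.split("\n")[0].strip()):
                found.append("generic salutation")
    if URGENT.search(text):  # urgency in the subject or the body
        found.append("urgent wording")
    return found

def sample(sender, subject, body, attachment=None):  # constructed test message
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, "adam@example.com", subject
    m.set_content(body)
    if attachment:  # (filename, size in bytes), filled with dummy data
        m.add_attachment(b"A" * attachment[1], maintype="application",
                         subtype="octet-stream", filename=attachment[0])
    return m.as_string()
```

No single finding is proof on its own; as the guide says, it is the combination of several signs that gives a good indication.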

What should you do and not do?

• Do not reply to an email that you suspect; you are probably not in communication with the real sender in most cases.

• Do not click on any links

• Do not open any attachment, even if you know the sender

• Do not act on the information given (‘pay this invoice’, ‘look at this it’s hilarious’, etc.)

• If you have any concerns, contact the sender (if known) to confirm using an alternate method

• When deleting a suspicious email, use SHIFT DELETE (which will permanently delete the email)

As always please feel free to call us if you need to; never take a chance with an email being genuine.
