E-Mail Security Guidelines

The following are some general guidelines to help keep your computer safe from viruses, hijacks, and other malicious attacks with regard to e-mail usage.

Computer viruses and Spyware can be sent via email and these are some of the unfortunate aspects of the Internet. Like everything else though, a little education goes a long way to protecting yourself and your valuable data!

Virus – Usually sent around with email as attachments or by visiting infected websites.  These are executable tid-bits of code designed to do all manner of maliciousness. One very common “feature” of viruses is that they replicate themselves by forging a fake email address and sending itself to as many recipients from the infected machine’s email address book as it can.

Best practices:

1. Don’t open attachments unless you know who they are from and you are expecting to receive them. If you receive an email that seems suspicious contact the sender before opening to verify it is a valid email.
2. Check the email address it is from and verify that it matches what the subject and email address is for.
   Example: a Trojan Virus going around at the moment seems to be coming from UPS including a tracking number. It includes a zip file which has a executable In it. A usual rule of thumb is companies do not send valid unsolicited correspondence with ZIP or other attachments or asking for personal information. (if in doubt you can contact the company through their official website or phone number if you have doubts to the authenticity.  Furthermore, NEVER open an attachment that contains an executable file (.exe) included within a zip file.

Spyware – This is a variation on computer virus. Basically this is some company spying on your online habits… what websites do you visit, etc. These commonly use exploits of the browser or plug-in software to install themselves.  These typically are installed as a result of visiting websites, both with and without the user’s consent.

Best Practices: See Virus Best Practices.

Spam – Unsolicited email. (aka. UCE-Unsolitcied Commercial E-Mail) You know, these tend to advertise phony investments, pornography, mortgage rates, male enhancement, blah, blah, blah.  The broader category of SPAM can also include legitmate commercial advertising.

Best practices:

1. Guard your “real” email address. Subscribing to newsletters and for updates can get you put on spam lists. Be careful to whom you give your e-mail address.
2. Don’t ever reply, and do not “unsubscribe” except from 100% certain legitimate sources.  (This just confirms the address they have is valid.)

Phishing – the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.

Best Practices:

1. Be suspicious!  If you aren’t expecting the communication and you didn’t do something to make it come to you, question it.  Call the company directly and make sure the communication is from them before acting.  As a rule, businesses will never e-mail you to solicit any information, especially without you knowing it is going to happen.
2. Look at the links.  Most phishing e-mails have links embedded in them.  Most e-mail viewers will allow you to ‘mouseover’ the link to see where the link is going to take you.  If the top-level domain isn’t for that company, it probably is not legit.  If you don’t know what a top-level domain is go back to step 1.

Virus, Spyware, Spam and Phishing protection requires vigilance on your part in conjunction with Antivirus / Antispyware protection to keep your computer from becoming infected. Following these steps will go a long way towards protecting yourself and your computer system and your data.

If you feel your system may have been exposed to an outbreak, or you know your system is suffering from the effects of a virus or other ‘malware’, please do not hesitate to call us at (502) 447-9294 for help.