As discussed earlier, email and attachments are common vectors to deliver malware and lead to cyberfraud. Even though the number of emails received and sent in a day can lead to carelessness, stay alert to the dangers. This includes:
- Double-checking the recipients on any email, especially when replying to another message. It is simple to spoof a display name so that the message is going to a completely different email address.
- Watching for typos, grammatical errors, and other signals that the message may not be from who it seems.
- Never clicking on a link in an email unless 100% sure it is safe. Hovering the mouse pointer over the link will usually provide a pop-up box displaying the real link address. If it appears suspicious, avoid it. Instead, manually type in a known good link into the browser to go where needed.
- Some offices maintain an isolated virtual machine or sandbox, which is physically separated from the network and other machines for safety. Consider opening the message or any attachments there, but keep in mind that the resulting infection may not be obvious.
- If you are not absolutely sure that a message is legitimate, call the sender and confirm. DO NOT reply to the email – the account may have been compromised and there is no way of knowing if the sender you are replying to is real. Phoning them so you can verify their voice and authenticity is far safer.