An estimated 269 billion emails go out each day, according to a recent study by The Radicati Group In Palo Alto, Calif. (Email Statistics Report, 2017-2021)
Our inboxes are increasingly busy and many people have more than one email address. With so many emails coming and going, it’s easy to fall into the trap of clicking without looking very closely.
- But in the age of ransomware and malware, that can be a very expensive mistake. Here are some questions to ask to help you and your staff spot risky emails.
- Did the file land in a junk or spam folder? Unless you’re positive that the email is legitimate, leave it in the spam folder and don’t click any attachments or links. Your email provider is probably right — this is an email you don’t want or need.
- Do you know the sender? Any email from a stranger should be viewed with suspicion.
- Was the email sent only to you? Spam and malware are volume businesses. They make their money by finding one or two unsuspecting people every thousand. If someone other than you appears in the “To:” field, that might be a red flag.
- Were you expecting this email? Successful phishing attacks often exploit a compromised user’s address book to send the malicious software to their contacts and friends. If you see a puzzling email from someone you know, rather than click any links or attachments, email them back and ask whether they meant to send that email. Chances are you’ll be doing them a favor by alerting them that they’ve been hacked.
- Does the message make sense? Broken English, vague messages, language that doesn’t sound like a typical message from your sender — read suspicious messages carefully for clues that the real sender is someone other than who they claim to be.
- Are there attachments? Never open an email with .exe, .cmd, .bat, or other file extensions that execute code when you click them. Image file formats such as .jpeg and .png are more reliable. Standard Microsoft Office files (.docx, .xlsx, .pptx) and PDFs are typically safe if you keep your software updated, but file types that contain macros (.docm, .xlsm, and .pptm) are risky. Generally, only open attachments from your most trusted senders and only if nothing else about the email is suspicious.
- Do the links take you to where they say? You don’t have to click a link to know its destination. Just hover over the link text and look at the URL in the preview pane. If you don’t recognize the address or it looks strange in any way, don’t click.
