Precautions to take when opening email attachments

7 Comments

  1. “First and foremost, ever click on an email attachment that you were not expecting.”
    “Over your mouse pointer over the attachment.”

    Great advice! Even if a bit incomprehensible.

  2. I bring up my Linux live CD, open the file. If it crashes, it was supposed to.
    If it trashes the browser and lots of ads pop up, etc., just turn off the power.
    If it is legitimate, OK.

  3. This advice is not practical for lawyers who have thousands of clients or potential clients. “Knowing” the client means little when clients have their emails hacked and potential clients are not known. You could refuse to accept all attachments but that is likely to cause an attorney to lose clients or potential clients.

    Any practical advice such as the best scanner for attachments? Accept only PDFs not Word docs?

  4. There are numerous strategies. Here are a couple.

    Inform your clients that you accept only PDF attachments, and that if they send a different type of attachment you will have to call them to confirm, which will increase their bill. If they send an infected attachment this may require disinfecting your computer, which will also add to their bill. This gives them incentive to always send PDF.

    Another option is to have a dedicated computer for screening email and saving, testing, and filing attachments. The computer can be put on a separate subnet to keep it isolated from direct access to other computers in the office to protect from the worst case scenario – a ransomware worm.

  5. PDFs cannot be infected?

    Not everyone has a PDF maker but clients can be encouraged. Also, good luck trying to bill consumer clients. Perhaps you were assuming the clients were big corporations but they would be sending PDFs in the first place.

    The dedicated computer is also completely impractical, especially since you want it to be outside the network.

    Are there any real figures here? How many millions of emails are sent each day and how many actually contain any kind of harmful virus that gets through basic A-V screening?

  6. PDFs can be infected. Jeffrey, I’ve been in the field 27 years but got involved with virus and malware removal the last 10 years. I’ve only dealt with the dreaded ransomware 7 times. Six of those 7 had popular and updated corporate AV/security programs installed. In each of the 6, the virus program detected and deleted or quarantined some or all of the malicious files but not fast enough. The users’ files still ended up encrypted. Four of the six had current backups, two lost everything.
    The attachments were either zipped files or PDFs. In one of the PDF cases, the email looked entirely legitimate from a user in her own internal network. It was a spoofed email. As far as real figures, one of the infected clients was down for two weeks as the ransomware ripped through all of their servers and they struggled with restoring from backups. They dealt with hundreds of thousands of emails throughout the years. It only took one to bring them down. I’m not going to plug any vendors, but if you do not have one, a serious hardware firewall would help.
