Spam, Phishing and Email

The price of liberty is eternal vigilance. And even more so when it comes to emails these days.

The last few days have seen yet another re-emergence of specific SPAM messages from organisations such as Australia Post, Energy Australia, the Australian Tax Office, and the Australian Federal Police that are designed to trick normal, smart, and sensible people into opening them and compromising their computers.

When you open these emails and click the links, malicious websites install software on your computer which can give remote access to your machine or encrypt all your files. And all your colleagues. And the company’s financial records. Yep. It doesn’t get much worse than that.

Wait… that sounds bad

Well, yeah. It is. There isn’t a way to sugarcoat this. You open an email and open the attachment. You think it’s legitimate, and then all of a sudden… bam. You can’t open photos of your kids. You can’t open that report you were working on for the last week.

But don’t we have anti-spam and anti-virus software?

Like an Antibiotic, Anti-Spam and Anti-Virus software needs to be developed to respond to each threat. Sure, there are some generic broad-spectrum existing rules that catch and treat a lot of the bad stuff, but when a new virus comes out they need to develop a treatment for it.

With new attacks being developed every day, the anti-virus and anti-spam vendors can’t always keep up.

So how do we stay safe?

  1. Don’t open emails you aren’t expecting. If you don’t think you should be getting an email from the AFP, you probably aren’t. Don’t open it; and if you really want to be sure, call them. Don’t open the shipping notice from Australia Post for the package you didn’t order. Don’t open the excel attachment with an invoice sent from the company you’ve never heard of.
    And if you’re not sure? Call the sender. Make sure they exist. Make sure they sent you something. It’s much better to be safe than sorry.
  2. Check the details on the email. An email from Australia Post probably won’t be from bigfatmonkey@gmail.com. The AFP probably isn’t sending an email from theaustrlaianfederalpolice@bigpond.com. Strange domains and spelling mistakes are excellent giveaways. Also check the whole domain. An email address that looks like accounts@agl.com.au.dlkjadslkj.com is not from agl.com.au. Check twice before you do anything.
  3. Don’t open potentially suspicious emails while you are tired. Just like you wouldn’t hop behind the wheel of your car if you are half drowsy, don’t read emails without your brain in gear. Mistakes are easy to make.
    Earlier this week I’d been working late, and then had a rough night with one of our kids. I hadn’t slept well, and came into work a little under the weather. I almost opened an Excel invoice from a supplier — before it clicked in my brain that we never get Excel invoices. I checked the sender’s details and noted that the email was sent from aol.com. I caught it, but only just. Tiredness impacted my ability to process this sensibly.
  4. Use the website of the provider rather than the email. If you get an AusPost shipping notification, go to Australia Post’s website and enter the consignment number there. Don’t click the link.
  5. If in doubt, ask. Ask a colleague. Ask your IT company. Ask your smart, computer-savvy friend. Ask your children or tech-whiz relatives. Ask anyone you trust to give you the relevant guidance and information.
  6. Do make sure your anti-virus software is up to date. Sure, it may not always be foolproof — but a large number of horrible situations can be avoided with vaccination.

What happens if I got infected with something?

You know that moment of dread when you do something on your computer, your heart sinks, and you realise something bad is probably happening?

Don’t ignore it.

Equally, if something strange is happening — your files are no longer readable, or your computer is telling you your data is encrypted and you have to pay a ransom — don’t ignore it! The longer you leave it, the worse it is.

  1. Disconnect your computer from the network. Turn off wireless. Unplug your cables. If you don’t know how to do that, go straight to step 2.
  2. Turn your computer off. Do it however you can. Shut down. If that doesn’t work pull the power. Remove the battery. Whatever you need to do. Your computer probably will need to be rebuilt, and anything you do at this stage isn’t going to hurt it more.
  3. Tell your Manager or IT company. Not telling someone is far worse.

Most email viruses at the moment are ransomware. This means they encrypt the data on your computer and ask for money to get it back. Given we don’t negotiate with criminals, the usual practice will be to:

  1. Restore your company data from the backup that was taken the previous day
  2. Format and rebuild your computer and restore your personal data from a backup

Sometimes it’s not your computer. It might be someone else’s computer. Hopefully they’ve told someone. But if they haven’t, you might be the first person to notice — and your IT people will need to work out where the affected machine is and fix it.

I’m not sure my business can cope with something like this?

I know this information can seem overwhelming. Many of the examples I used above imply negative scenarios that feel foreboding. Unfortunately, the data indicates that it’s not a case of if you will be impacted by viruses or malware, it’s a case of when.

Real World can help you build backup and disaster recovery solutions that protect your business in cases exactly like this. It’s precisely the reason why we have a team of skilled engineers with expert knowledge and innovative solutions.

Rather than following the impulse to close our ears and eyes in the face of technology threats we don’t understand, Real World customers are emboldened and empowered. Let’s take action armed with knowledge and expert support. That’s the best kind of continually-evolving antibiotic.

Leave a Reply