With the onslaught of cryptoviruses and phishing attempts, it is all the more important that we be very careful when opening E-Mails with links or attachments, even if they are from close friends and family you trust.  In this case (the message in the image), an E-Mail was sent to me from my mother with a very common and somewhat convincing message before providing a web link.

The warning in the yellow box, provided by Google For Business E-Mail, is a very handy feature that sounds a pretty good warning.  But, most E-Mail users are just using generic gmail accounts or programs where they likely won’t be given such a message.  So, what can we look for to avoid making a huge mistake and opening the link or attachment?

  • Observe the sender’s E-Mail address.  As in this case, although the E-Mail address is a family member, the actual E-Mail is not even close.
  • Does the subject make sense?  Why would a family member send a direct E-Mail with a subject suggesting that it is for me?
  • Are you expecting the attachment or link?
  • Even if the link or attachment looks credible, it is best to contact the sender and confirm that they did intentionally send it to you.
  • If in doubt, just delete it.
  • Check the spelling and grammar.  Although not true 100% of the time, a good portion of the cases have very poor grammar and spelling, likely due to poor google translation from their native language.
  • If you get a Word Document attachment and you do open it and see that it says that it is a different version of Word and you need to click on the bar at the top to install the conversion, don’t do it.  You will seriously regret that move.
  • Make sure you have a good anti-virus program installed and up-to-date running at all times.
  • Setup antivirus for your corporate E-Mail server.
  • If you the message is already relocated into your SPAM or junk mail folder, definitely confirm with the sender and verify multiple times before trusting it.

It isn’t only via E-Mail that scammers are trying to gain access to our electronics.  In the following example, this is a pop up that overtook a phone when opening an legitimate webpage.  When the user clicked back and then forward again, the actual target page loaded and the message was gone.

In cases like these, it is just best not to trust anyone or anything that tells you that your system is infected unless it is your installed anti-virus or the actual IT technician.

At the end of the day, we have to recognize that those responsible for trying to trick us are very smart (though usually horrible with spelling and grammar) and as we start to catch on to their existing tricks, they will revise them to be all the more convincing.  Just be that more diligent and not let your guard down.