We are often asked how is it possible to still get a computer virus when anti-virus software is installed. Or why suspicious emails are being received even though spam filtering is in place. The answer is quite simple – virus protection software developers aren’t mind readers, they can’t easily predict what form the next threat is going to take. They can make educated guesses but cybercriminals are constantly coming up with new and innovative ways to bypass protection software.
Over the years we’ve seen numerous types of virus emails including messages crafted to look like ATO refunds, Australia Post parcel deliveries, bank account update requests, software updates, scan-to-email to name a few. They seem to come in waves with the current trend being an email with an attached “invoice”. The most recent spam email campaign stooped low enough to use the passing of David Bowie as a hook to trick unwary recipients into opening an attachment or clicking on a link leading them to malicious code.
If you have anti-virus and other protection software in place it is easy to become complacent and assume that you are safe to open any received files, click on links, visit any website or download applications from the web – NOT SO! Malicious code is constantly being updated and changed to avoid detection. By opening an attachment or clicking on a link you run the risk of allowing a new virus to infect not just your machine but also any other computer within your network, leading to potential disastrous impacts in downtime and cost.
Below is an example of a virus email. Take note of the various tell-tale signs that something isn’t right:
- An unfamiliar or unusual sender’s email address. Ask yourself if the address matches any person or company you have had dealings with. Note the .com.br ending in the example above.
- An unexpected attachment or link to a file. Have you ordered a service or product from this person/company? Have you previously received invoices or documents in this format?
- Does the email address you by your name?
- Poor grammar, typing errors, ambiguity or mismatched information. In the example, it says that an invoice is attached but then says that payment will be deposited.
- An unfamiliar sender and/or lack of further contact details in the signature. Do you know this person and does their name have some connection to their email address?
If you receive an unexpected email offering anything that sounds suspicious ignore and delete it. If you are still unsure phone the sender to verify the legitimacy.
If you are not 100% certain of the legitimacy of an email, do NOT open attachments or click on links within the email.