Attachments should never be thoughtlessly clicked on… Unless you are absolutely sure of the sender and were expecting the attachment in question. In this matter, it is not bad to be careful: most viruses and other malware enter computer systems as a result of a simple click on an attachment.
You will also be interested
[EN VIDÉO] What is a cyberattack? With the development of the Internet and the cloud, cyberattacks are becoming more frequent and sophisticated. Who is behind these attacks and for what purpose? What are the methods of hackers and what are the most massive cyberattacks?
You should never click on an attachment sent by email, if you have not expressly requested it. When someone close to you sends you a message with an unsolicited attachment, ask them before clicking on that attachment. Ideally, call him to get to the bottom of it. It is possible that he answers you in a bewildered tone: But no, I didn’t send you anything!… If he confirms that he did send you this attachment, be on your guard all the same. It may be an “amusing, interesting, unusual” file that he himself received by email and that he hastened to relay. Yes, but how can you be sure that he has not unknowingly relayed an infected file?
If you don’t know the sender, the safest thing to do is to delete the message. If the attachment is related to your professional activity and could therefore seem useful, it is best to check that the message is valid, again by contacting the interested parties by telephone or SMS.
Malware usually enters through an attachment
Good to know: lots of malware break into a computer system following the click on an attachment by a simple user.
The moment the user clicks on the attachment, malware can kick in and do its job of nuisance. In 1999, Melissa was the first virus to use email in this way to operate a contamination in large scale. A click on an attachment was enough to trigger it.
Other viruses followedagain operating on the propensity to want to open an attachment: thus I love you (May 2000), long considered the virus that caused the most damage, worked like this: the Internet user received a love letter that had to be opened by clicking on the attachment. Gold, I love you caused real damage to the Hard disk, rendering various files unusable but sometimes also elements of the Windows system. In addition, this virus explored the Internet user’s address book and sent the same message to each of the people listed there. The recipients, believing they were receiving a message from a loved one, opened the attachment and in turn triggered the sending of this same message to their correspondents.
Nowadays, these are ransomware or ransomware in English which have become the biggest threat to businesses today. Their action consists in operating a encryption hard drive, rendering its contents unusable. You have to pay a ransom to get the key. decryption. But, again, the ransomware come into action through malware contained in email attachments.
Identify executable files
Above all, be wary of any attachment containing a program with the “.EXE” extension and therefore an executable file. If in doubt, you can move the mouse just above the attached file, to reveal its full name. If it is an .EXE, the safest thing is to destroy the email. You should also avoid opening files with the following extensions:
- ISO: programs used to create a copy of what is on the hard drive;
- ZIP, TGZ, LHZ…: compressed file extensions. They can be used to hide a harmful executable. Thus, you think you are receiving a document such as a payment when in reality the compressed file hides an executable;
- MSI or DMG: these extensions relate to software installers, respectively on Windows and Mac ;
- DOC, XLS…: some documents Microsoft Office may contain macros – small programs run from Word, Excel, etc. However, it happened that cleverly programmed macros caused a lot of damage.
We have seen it: the simplest way is to check whether the document was indeed sent by an acquaintance or a colleague and for what purpose. Failing to obtain this information, it is better not to open it.
Use file transfer services
The case is heard: it is better to avoid clicking on attachments. But then what if you want to exchange files with another person? It is best to use a secure data transfer web service such as WeTransfer, Grosfichiers.com, Swisstransfer or Smash.
You can also use Dropbox, a application which facilitates the exchange of files on a shared cloud. Again, this service relies on encryption. If the file you want to exchange is really sensitive, you can encrypt it yourself beforehand using a utility as 7zip available at this address: https://www.7-zip.fr/
Interested in what you just read?