Malware and Social Engineering
Nowadays it is all malware and cryptolockers in the world. Extra effort is needed from the ICT department or engineers. They can check out logs, check firewall rules, keep everything up to date, etc.
But.. Most of this malware is coming in through mails due to carelessness of end-users.
End users can pay attention to
- I don’t recognize the sender.
- Normally from this sender i don’t receive mails. (ie. grandma that only phones)
- The email is from someone outside my organization and it’s not related to my job.
- This email was sent from someone inside the organization or from a customer, vendor, or partner and is very unusual or out of character.
- The senders domain looks suspicious. (ie. microsoft-support.com or mikrosoft-support.com)
- I don’t know the sender personally and they were not vouched for by someone I trust
- I don’t have a business relationship nor any past communications with the sender.
- This is an unexpected or unusual email with an embedded hyperlink or an attachment from someone I haven’t communicated with recently.
- I was addressed in a mail sent to one of more people, but i don’t personally know the others.
- I received an email tha was also sent to an unusual mix of people.
- Wanneer ik met mijn muis over de link ga is het adres (url) anders dan in het bericht!!!
- When i hover my mouse of a hyperlink, the link (url) is different than in the message!!!
- Ik ontving een mail dat alleen een link heeft, zonder verdere informatie, de rest van de mail is leeg.
- The mail received only contains a link, no further information.
- The link is not correctly spelled. (ie. www.bankofarnerica.com – the “m” is really two characters a “r” and “n”)
- The message was nog sent during normal office hours. It was sent on a unusual time. (ie. in the middle of the night)
- The subject was irrelevant or does not match the message.
- Is the mail a reply to a message i never sent or requested?
- The sender included an email attachment that I was not expecting or that makes no sense in relation to the email message.
- This sender doesn’t ordinarily send me this type of attachment.
- The attachment with a possibly dangerous file type.
- Is the sender asking me to click on a link or open an attachment to avoid a negative consequence or to gain something of value?
- Is the email out of the ordinary, or does it have bad grammar or spelling errors?
- Is the sender asking me to click a link or open up an attachment that seems odd or illogical?
- Do I have an uncomfortable gut feeling about the sender’s request to open an attachment or click a link?
- Is the email asking me to look at a compromising or embarrassing picture of myself or someone I know?
- Is the sender telling me that there was a package delivery that was unable to complete because no one was home while there was? (ie. package delivery at your company at 2pm during business hours failed)
And if there are any questions, your ICT department would be glad to help you or inform you to keep the infrastructure clean!