Cybercriminals often use phishing emails to get you to click on malicious links or attachments. Clicking on these scams can trigger a malware infection that places all your sensitive data at risk of becoming compromised. Before deciding to click on an attachment, you should make sure it’s safe to open.
You can check if an email attachment is safe by having antivirus software scan the attachments in your emails, double-checking who the sender is and not opening any attachments that are marked as spam. Keep reading to learn more about unsafe email attachments and how you can keep yourself from falling victim to them.
The Risks of Opening Unsafe Email Attachments
One of the biggest risks of opening unsafe email attachments is having your device become infected with malicious software called malware. When malware is successfully installed onto your computer, it can log your keystrokes, take screenshots of your activity and compromise your computer’s camera or microphone. All of this data is then sent to the cybercriminal who targeted your device.
Cybercriminals use malware to steal your sensitive data such as your account login information or credit card numbers. Depending on the type of malware that is installed on your computer, what the cybercriminal can get away with varies.
3 Tips To Check If an Email Attachment Is Safe
Here are tips you can use to check if an email attachment is safe.
Double-check who the sender is
Checking the sender’s email and name is a very important step to take before deciding to click on an email attachment. However, you cannot just rely on the sender’s name to verify an email. Many cybercriminals spoof the names of senders to make it look like they’re coming from a trusted source, when in reality, they’re not. Even if you use an email provider like Gmail, which released an update that shows a blue checkmark next to “verified” senders, don’t trust it fully. Cybercriminals have already found a way to exploit Gmail’s blue checkmark verification.
Instead, rather than clicking on the attachment, contact the sender yourself through another communication method to confirm that it is really the person or organization who sent it.
Don’t open any email attachments that are marked as spam
Many email providers flag spam emails and automatically place them into your spam folder. If your email provider does this, ensure you don’t open any attachments from those flagged emails as they’re likely to be phishing attempts.
Use antivirus software to scan attachments
Antivirus software is a type of program you install on your computer that detects, isolates and removes viruses and other malware before cybercriminals can successfully infect your computer. An added benefit to some antivirus software is that it can also scan the attachments in your email to check if they’re safe. If they’re not safe, your antivirus software will let you know.
Which Email Attachments Are Generally Safe To Open?
Some email attachments that are considered generally safe to open are:
- .JPEG
- .JPG
- .PNG
- .GIF
- .TIF
- .TIFF
- .MPEG
- .MPG
- .MP3
- .MP4
- .WAV
- .MOV
While these types of attachments are considered safe, we still recommend being cautious about clicking them, especially when they’re unsolicited or from an unknown sender.
Which email attachments are less safe to open?
Some email attachments that are considered less safe to open include:
- .EXE
- .DOC
- .DOCX
- .XLS
- .XLSX
- .PPT
- .DMG
- .ZIP
- .RAR
- .HTML
Before deciding to click on these types of attachments, we recommend taking precautions such as using antivirus software and confirming the sender. If it’s a file from a sender you were expecting, there’s most likely nothing to worry about.
What To Do If You Click an Unsafe Email Attachment
Here are the steps you can take if you accidentally click on an unsafe email attachment.
1. Disconnect your device from the internet
One of the first things you need to do is disconnect your device from the internet. Malware can spread through your WiFi and infect other devices connected to the same network if it remains connected. Disconnecting your device from the internet can also lessen the amount of damage the malware causes.
2. Change your passwords and enable MFA
After disconnecting your device from the internet, you should use a different device to change the passwords for all of your accounts, most importantly, your email. You can use a password manager to help you change the passwords quickly. Keeper Password Manager offers a free 30-day trial that you can start using right away. A password manager will help you create strong, unique passwords for each of your accounts and securely store them so you never forget them.
Along with changing your passwords, enable Multi-Factor Authentication (MFA). MFA adds an extra layer of security to your account to prevent anyone but you from being able to access it. An added benefit to using a password manager is that it can also store your 2FA codes and autofill them when you log in.
3. Scan your device for viruses and other malware
Most antivirus software programs work without having to be connected to the internet. If you already have antivirus installed on your infected computer, run a scan so the malware is removed from your device. If you don’t already have antivirus software, you’ll need to connect to the internet and download an antivirus program.
Some malware and viruses may prevent you from being able to download antivirus software. If this is the case, you’ll need the help of a professional. If you already have everything on your device backed up, another approach you can take is completely wiping your computer. Remember, wiping your computer will remove everything from it, including your files, pictures and other data, so only take this approach if you know all of your data is backed up.
4. Keep an eye out for suspicious activity
After taking the steps above, it’s important to keep an eye on your accounts. You never know what the cybercriminal could have gotten away with in a short period of time. Watch out for any suspicious activity such as purchases you didn’t make or unusual login attempts on any of your accounts.
Protect Yourself From Unsafe Email Attachments
One of the best ways you can stay safe from falling victim to phishing email scams is by knowing how to spot them. This means knowing the red flags to look for, like unsolicited email attachments. As a preventative measure, always use strong passwords on each of your accounts and always have MFA enabled. The stronger your cyber hygiene is, the safer you and your data will be, even if you accidentally fall for a scam and click on an unsafe email attachment or link.
Start a free 30-day trial of Keeper Password Manager today to start protecting your accounts and data from cybercriminals.
Source: Keeper