Cyber Security – Email Security
Email security is a priority for all businesses, with the growing threat of hackers, viruses spam, phishing and identity theft, as well as the need to secure business information.
Email security is mainly a manual thing. Antivirus software will highlight most of the viruses etc. however the phishing and ransom ware comes in through what seems to be an official email so very hard for most software to detect.
Most people dealing with email everyday in business will notice differences or things out of the ordinary. Lets face it no banks, financial institutions, Govt dept etc will ever send you an email asking you to login from the email or ask for a password.
Most cyber security problems for most businesses will happen because someone clicks on an email link.
Here are some warning signs of possible malware links:
The Link is a Shortened Link
Link shortening services such as bitly and others are popular choices for anyone trying to fit a link into the confines of a Twitter post. Unfortunately, link shortening is also a method used by malware distributors and phishers to conceal the true destinations of their links.
Obviously, if a link is shortened, you can’t tell whether it’s bad or good just by looking at it, but there are tools to allow you to view the true destination of a short link without actually clicking it. Check out our article on the Dangers of Short Links for details on how to view a short link’s destination.
The Link Came to You in an Unsolicited Email
If you received an unsolicited email that is supposedly from your bank asking you to “verify your information” then you are probably the target of a phishing attack.
Even if the link to your bank in the email looks legitimate, you shouldn’t click it as it could be a phishing link in disguise. ALWAYS go to your bank’s website by entering their address directly into your browser or via a bookmark you made yourself. Never trust links in e-mails, text messages, pop-ups, etc.
The Link has a Bunch of Strange Characters in it
Oftentimes, hackers and malware distributors will try to conceal the destination of malware or phishing sites by using what is known as URL encoding. For example, the letter “A” that has been URL-encoded would translate to “%41”.
Using encoding, hackers and malware distributors can mask destinations, commands, and other nasty stuff within a link so that you can’t read it (unless you have a URL decoding tool or translation table handy). Bottom line: if you see a bunch of “%” symbols in the URL, beware.
How to Check a Suspicious Link Without Clicking it
Ok, so we’ve shown you how to spot a link that might be suspicious, but how can you check out a link to find out if it’s dangerous without actually clicking it?
Expand Shortened Links
You can expand a short link by using a service such as Untiny or by loading a browser plug-in that will show you a short link’s destination by right-clicking the short link. Some link expander sites will go the extra mile and will let you know if the link is on a list of known “bad sites”.
Scan the Link with a Link Scanner
There are a host of tools available to check the safety of a link before actually clicking on it to visit the site. Norton SafeWeb, URLVoid, ScanURL, and others offer varying degrees of link safety checking.
Enable the “Real-time” or “Active” scanning option on your antimalware software
In order for you to have the best chances of detecting malware before it infects your computer, you should take advantage of any “active” or “real-time” scanning options provided by your antimalware software. It may use more system resources to enable this option, but it’s better to catch malware while it’s trying to enter your system rather than after your computer has already been infected.
Keep Your Antimalware / Antivirus Software up to Date
If your antimalware / antivirus software doesn’t have the latest virus definitions, it’s not going to be able to catch the latest threats in the wild that might infect your machine. Make sure your software is set to auto update on a regular basis and check the date of its last update to ensure that updates are actually taking place.
Consider Adding a Second Opinion Malware Scanner
A second opinion malware scanner can offer a second line of defense should your primary antivirus fail to detect a threat (this happens more often than you would think). There are some excellent second opinion scanners available such as MalwareBytes and Hitman Pro. Check out our article on Second Opinion Malware Scanners for more information.