Let’s face it. The weakest link in protecting our personal security on the internet is us. Social engineering has been amazingly successful for the proliferators of computer viruses.
Below is an email that I received today, and the inspiration for this short article. You can see that the email has a spoofed address that purports to come from a @key.com email address. You can see the encrypted zip file attached. In the second image, you can see from the internet header that accompanies every email that the message was passed by ClamAV. Since ClamAV can’t see inside the encrypted file, no virus flags were raised.
Thankfully, I do not bank at Key Bank, so this message raised flags with me immediately. Someone who actually does do business with them could easily be duped into thinking that this was an important message from their bank.
In a case like this, we users are the last defense. What should sound alarms for us is the process that we are being asked to participate in. Would it ever make sense to send someone an encrypted file if the password was clearly visible in the same message? Only if you are trying to dupe someone into opening and running a file.
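The gap described above (an encrypted archive the scanner cannot open, with the password printed in the same message) can also be checked for mechanically. The following Python code is an added example, not part of the original article or of ClamAV; the password-phrase pattern, the function names and the sample message are assumptions constructed for illustration.

```python
import io, re, zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed heuristic: wording that states an archive password in the body.
PASSWORD_HINT = re.compile(r"\b(password|passcode|pwd)\b\s*(?:is\b|:|=)\s*\S+", re.I)

def encrypted_zip_names(data):
    """Names of encrypted ZIP members (bit 0 of the general purpose flags)."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [i.filename for i in zf.infolist() if i.flag_bits & 0x1]
    except zipfile.BadZipFile:
        return []  # not a ZIP archive at all

def check_message(raw):
    """Flag mail that carries an encrypted ZIP and states a password in its body."""
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain", "html"))
    has_password = bool(PASSWORD_HINT.search(body.get_content() if body else ""))
    hits = []
    for part in msg.iter_attachments():
        names = encrypted_zip_names(part.get_payload(decode=True) or b"")
        if names:
            hits.append((part.get_filename(), names))
    return {"encrypted_attachments": hits, "password_in_body": has_password,
            "suspicious": bool(hits) and has_password}

def build_sample(encrypted=True, body="Your statement is attached. Password: 12345"):
    """Constructed test message; the ZIP is only marked encrypted, not really encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("statement.txt", "constructed sample content")
    data = bytearray(buf.getvalue())
    if encrypted:
        cd = data.find(b"PK\x01\x02")  # central directory file header
        data[cd + 8] |= 0x01           # flags field: set the "encrypted" bit
    msg = EmailMessage()
    msg["From"], msg["To"] = "sender@example.com", "user@example.org"
    msg["Subject"] = "Secure message"
    msg.set_content(body)
    msg.add_attachment(bytes(data), maintype="application", subtype="zip",
                       filename="secure.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(check_message(build_sample()))
```

A scanner verdict of "clean" on such a message says nothing about the archive's contents, so a match here is better routed to quarantine or manual review than delivered.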
A few rules of thumb to keep you safe on the internet:
1. Have antivirus protection installed and use it.
2. Delete messages from people you do not know, particularly if they contain links that they want you to click or files that they want you to open.
3. Never, ever open an encrypted file if the password is included in the email. This goes against everything that encryption stands for, namely, the privacy of the password.
4. Due to privacy laws in the U.S., your bank will never send you an email like this. With rare exceptions, they will require you to log into their website to conduct any online communication.
Use common sense. If it feels wrong, it probably is wrong. Better safe than sorry when it comes to your email.