The MUST DON’Ts of When you open your email.
Recently I was talking to a coworker by their desk while they were mindlessly checking their email. While I was telling a story about my dog, I saw my coworker click on an .exe attachment on a very obviously phishing message. My heart dropped and I immediately told them to delete the file. Thankfully we caught it while it was still downloading and canceled the download, so that day the computer (and possibly our entire company) was safe. But this made me think, how many employees out there don’t know the “Must Don’ts” when checking emails?
So I decided to make this quick tutorial.
MUST DON’T #1
Never ever ever open any email attachments that end with: .exe, .scr, .bat, .com, or other executable files you do not recognize. The only filetype that is truly safe is .txt
For those who don’t know, executable files are programs that once opened install or run on your system. An .exe file is perfectly fine if it is from the official Microsoft website for example. But also be careful, hackers love to make their websites sound like official trusted companies, so always read domain names very carefully. Note that www.microsoft.com and www.support.microsoft.software.com are two different domains. (and only the first is real)
If you get an executable file like the one my coworker got, it’s most likely a virus or some sort of malicious software. This is how ransomware gets installed!
MUST DON’T # 2
Do not click on “Unsubscribe” in emails that seem suspicious. Hackers will hide malicious links in the “unsubscribe” link at the bottom of the page. They know people will want to rid themselves of pesky emails so going all the way down and clicking unsubscribe is something a lot of us do.
This one is really tricky. Sometimes you will get emails that look like regular marketing emails. Recently I got a bunch of emails from Kohl’s. Luckily for me I knew this was suspicious since I never gave Kohl’s my email, but if I had given them my email I might have fallen for the trap.
The most important thing to note here is to check the email to see if it is a legitimate email from that company. Further down we will talk about the MUST DO’s, and there you can learn how to check the legitimacy of an email.
MUST DON’T # 3
Never click embedded links in messages without hovering your mouse over them first to check the URL.
In other words, ALWAYS over your mouse over a link before clicking it. This is so important. Let me give you an example: if you get an email from Kohl’s like I mentioned above, and the link says “Shop our Summer Deals”, you should always hover your mouse over the link. When you do this a little box will show you where that link is actually taking you. If the box says xfr376.me/4678/g29j8l or something like that, you know you won’t be going to see the Kohl’s Summer deals, instead you will most likely be taken to a malicious site.
Imagine getting in a taxi and the shady driver takes you somewhere else you didn’t want to go. How nice would it be if you could check before getting in that he will actually take you home and not kidnap you?
MUST DON’T #4
Don’t respond or reply to spam in any way.
Always just delete the message. If you are mad at the spammers and want to give them a piece of your mind, that will only make them win.
Responding might tell them that a real person is on the other side which will probably make your email go out to so many more spammers and hackers.
Conclusion
Doing these simple steps might seem tedious, but it’s the best thing you can do to protect yourself and your organization.
Do you want to increase the security of the office? Sign up with us so we can show you exactly how the entire workforce can benefit from KnowBe4’s training.
The Ultimate Solution
We understand that retaining this information can be challenging. To address this, Networking Dynamics has partnered with KnowBe4, the world’s largest integrated platform for security awareness training and simulated phishing. KnowBe4 Security Awareness training offers an interactive and engaging way to educate your organization on these practices so they can protect themselves from all types of phishing attacks. Through monthly mini-games, videos, and other enjoyable activities, your team can retain this critical knowledge.
Moreover, you will gain access to simulated phishing exercises that resemble real phishing schemes. Choose from a range of templates that simulate differetn types of phishing attacks to evaluate your employees’ ability to identify common signs of cyber crimes effectively. KnowBe4’s success rate is atonishing. After a year of training they have reduced on average the amount of people that click on scam emails from 32.4% to 4.9%. That is one of the best success rates of the industry!
There is much more to discover about this program, and the best part is its affordability. Click the link below to schedule a call with us, where we can provide you with comprehensive information about the solution and its benefits.
