When even an email preview can allow attackers to access your system, it’s worth being careful.
I received an e-mail the other day and at first it was almost impossible to tell if it was legitimate. Because some vulnerabilities can get into your system if you just preview an email in Outlook, they get nervous. But I don’t have to determine when an email is secure.
First of all, a good dose of skepticism is important. Always ask yourself if the platform you are using is repaired and ready to defend against attacks. For example, if you still use a version of Outlook that is no longer supported, you are in danger; never open an unexpected email in an unpatched Office suite. It’s a good idea to migrate to a newer email client that offers better protection. There are many third-party email clients that can be useful alternatives to Outlook. Thunderbird, eM Client and Mailbird are three options that I think are good if you just need an easy email and calendar.
Sometimes protection can be an old school – if you don’t expect an email, but you know the person who sent it, one of the easiest ways to check if it’s legitimate is to pick up the phone and make a call. The same goes for business involvement email schemes – the best way to make sure your bank account isn’t cleared is to call to confirm a transaction. Remember, even smart people can be deceived; Shark Tank Judge Barbara Corcoran lost nearly $ 400,000 last year when scammers claiming to be them sent an e-mail to her accountant authorizing a bank transfer. (Wrong email address triggered scammers.)
Instead of using different email clients, you can also change the platform. As more companies move to the Apple platform or Chromebooks, people may no longer think they are immune to attacks. But as users move away from Windows, so do attackers.
It is always important to make sure that the operating system you are using is up to date. It’s easy to use a Chromebook without fixes and you don’t realize it needs updating. Even Chromebooks aren’t immune to attacks, so you should periodically check the extensions and apps you use and change your web-based passwords regularly. Use a password management tool and don’t save passwords in your browser. It may be convenient, but it’s also convenient for attackers.
As for the Apple platform, many people have moved from Windows desktops to multiple mobile devices such as the iPhone and iPad, so the attackers also targeted these targets. Risks in malicious applications or devices connected to unknown Wi-Fi networks also affect iOS and macOS.
Watching what the attackers do
I’ll be the first to admit that I’m a curious geek. I like to know and understand what tricks attackers use against me so that I can better protect access to my data and computers. One site I used is www.reverse.it. Allows you to use a virtual machine to open a malicious link or file. (You can also see visually what the link or the resulting file is trying to do.) I often see these links start another URL that successfully bypasses antivirus detection. I also see many sites that serve as landing pages for collecting usernames and credentials. Attackers can claim, for example, that they are a landing site for Office 365 or OneDrive to steal the exact information they need to access data in the cloud. Other times, I see malicious Office files trying to launch macros to gain access to a system.
There are steps you can take that go beyond just updating your systems, whether you’re using Windows, Chromebooks, or iOS / macOS. Examine the risks for each platform and make adjustments.
With Windows, consider disabling scripts in your browser. Instead of disabling site-level scripts, you can use a plug-in like NoScript; allows you to choose sites where you feel comfortable running scripts. Microsoft is testing a mod in its Edge browser that will disable the Just-In-Time engine to enhance security. Another alternative: the Tor browser, which includes NoScript and can be installed on multiple platforms, from Windows, Apple, Linux and Android.
Then check your Office suite settings to make sure you’re running a supported version and adjust the default settings to lock macros. (Most Office for Windows or Office for Mac users can simply upgrade to a supported version in which macros will be disabled by default.) If you open an Excel file that includes macros with the .xlsm file extension and you don’t receive a macro warning, it’s time to update. Remember, there are free alternatives, such as LibreOffice, that are more secure than an older, unsupported version of Office.
Simply take the time to understand what attackers are doing and how they operate, and you can make better decisions about how to protect yourself. No one is too big (or too small) for the attackers to take care of. Remember this and you will be better equipped to protect yourself.