Blog

Seasonal malware that you didn’t order.

Written by Troy Midwood | 13-Dec-2016 10:46:05

It’s that time of year when a deluge of new malware attacks try to lure you in with infected email attachments in messages which purport to be from legitimate companies – the types of companies you would expect to be emailing you at this time of year.

Amazon appears to be the worst culprit right now – or rather emails containing intriguing subject lines such as ‘Your Amazon Order Details’.

Of course, it’s not really Amazon sending these bogus messages. Instead they originate from cyber criminals hoping you will open the attached file and thereby unleash havoc on your own PC. What a lazy (but effective) way to propagate malicious code!

Naturally, the malware you might inadvertently install by opening an infected file threatens to compromise the performance of your machine or, worse still, the security of your personal data.

Besides fake order updates from Amazon, other variations are also doing the rounds – ‘important notifications’ from HMRC containing PDF attachments and, of course, the traditional bogus documentation from all the major banks: Barclays, RBS, HSBC and Lloyds to name but a few.

What can you do to protect yourself?

So if your inbox is full of messages that you were not expecting on subjects you do not recognise, what can you do to avoid falling foul of the hackers? Here is some simple advice that may prevent you compromising your security.

Know your sender – our simple message to you is this – do not open email attachments from unknown senders.

Beware malicious files – invoices and delivery notes from Amazon and other suppliers are designed to tempt you to click. However, most online retailers do not send file attachments with their order updates and Amazon for one have made a statement to this effect in the past month.

Be careful what you download! There is no such thing as a free lunch and ‘freeware’ as well as P2P programs are amongst the biggest culprits. These software applications are frequently bundled with copious amounts of bundled spyware.

Phishing and ID theft. Be especially wary of hyperlinks contained in messages that appear to originate from your bank, building society, telecoms provider, PayPal account etc. A useful tip is to hover your mouse over any such link to reveal whether the URL actually does originates from the website in question.

Update your antivirus – your antivirus software should be set to update at regular intervals and manual checks are advisable too. If you have any questions regarding your own internet security software, please contact us to discuss this matter as a matter of urgency.