
📧Cybersecurity 101 Part 2 - Mind the download 🔒

Be careful with those email attachments

In last week’s newsletter, I discussed how having a strong password policy, and making sure your software and hardware are always updated, is crucial to preventing cyberattacks. If you missed it, make sure to read how to create a strong password.

This week, I want to focus on another pillar: downloads.

With cybersecurity, prevention is everything. That’s why you should always think twice before downloading ANYTHING. This especially goes for email attachments. 

Here is a little checklist you can print on a post-it note and stick to your monitor:

Always be suspicious.

When you get an email with an attachment, ask yourself:

  • Were you expecting such an email? If not - BECOME INSTANTLY SUSPICIOUS.

  • If you weren’t expecting it - who is it from? Is it someone you know? If it isn’t, BECOME EVEN MORE SUSPICIOUS.

  • If it’s someone you know - are you certain you know the person? Double-check the sender’s email address. Hackers can sometimes “typosquat” - create email addresses with “typos” (think microsfot instead of microsoft). For typosquatted emails, BECOME GIGA SUSPICIOUS.

  • If all these things check out - there’s still a possibility that the sender’s email was compromised and is being used to distribute malware (happens all the time). Therefore - what is the type of the file being sent? If it’s a .ZIP archive, an .ISO archive, a .LNK file or, God forbid, a .EXE, become ULTRA MEGA SUSPICIOUS.

  • Finally, if the incoming email address passed all the checks, and if the attachment is a PDF file, a Word document, or similar, feel free to download it. But, before you run it, scan it with an antivirus program if you have one installed (Microsoft’s Windows Defender will suffice in most cases).

There is one final trick that crooks can use to infect you with malware: they can “lock” the document for viewing.

Remember that in most cases, the victim needs to be tricked into downloading malware. Sometimes, crooks will send seemingly benign files which look blurred, with a huge overlaid button saying “click here to unlock”, or similar. They will claim it’s for “security purposes” or “authentication” but what the call to action really does is trick the victim into running the malware. 

Image credit: Greathorn

So, if the file is “locked for viewing”, or blurred out until you do something - it’s definitely malware. 

Hiding the file extension

Many systems nowadays hide the file’s extension by default, to get a cleaner, more professional look. So, instead of “invoice.pdf”, that file on your desktop is just called “invoice”. Sometimes, hackers will try to “smuggle” a dangerous file type by adding a fake extension to the file name, tricking the victim.

For example, they will send a .EXE file that appears to be named “invoice.pdf”. Since extensions are hidden, the file name shows as just “invoice.pdf”, while in reality it is “invoice.pdf.exe”. Many people won’t notice that this one file suddenly shows an extension while the extension is hidden for all the others.

Therefore, I suggest you enable the “view file extension” feature on your OS, as that way you’ll never get tricked into running a piece of malware while thinking it’s a PDF file. 
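The fake-extension trick, together with the risky attachment types from the checklist above, can also be checked mechanically. The Python script below is an added example, not part of the original newsletter; the `check_attachment` function, the `DECOY` list of document types and the sample file names are assumptions made up for illustration.

```python
import os

# High-risk attachment types named in the checklist above.
RISKY = {".zip", ".iso", ".lnk", ".exe"}
# Document/image types a recipient expects to see (assumed list for this example).
DECOY = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}


def check_attachment(filename):
    """Classify one attachment name.

    Returns (verdict, shown_name, reasons), where shown_name is what a file
    manager displays when "hide extensions" is switched on.
    """
    # Windows ignores trailing spaces and dots, so drop them before parsing.
    name = filename.strip().rstrip(". ")
    stem, ext = os.path.splitext(name)  # "invoice.pdf.exe" -> ("invoice.pdf", ".exe")
    ext = ext.lower()
    inner = os.path.splitext(stem.rstrip())[1].lower()  # ".pdf" in the case above

    reasons = []
    # Fake extension: the visible part ends in a document type, the real type differs.
    disguised = inner in DECOY and ext not in DECOY
    if disguised:
        reasons.append(f"displays as '{stem}' but the real type is {ext}")
    if ext in RISKY:
        reasons.append(f"high-risk type {ext}")
    if not ext:
        # Assumption of this example: an untyped file is treated as suspicious.
        reasons.append("no extension, type unknown")

    if disguised:
        verdict = "disguised"
    elif reasons:
        verdict = "suspicious"
    else:
        verdict = "scan-then-open"  # the checklist still says: antivirus scan first
    return verdict, stem, reasons


# Constructed sample names, not taken from real mail.
SAMPLES = ["invoice.pdf.exe", "Invoice.PDF.EXE ", "report.pdf",
           "photos.zip", "budget.xlsx.pdf", "notes"]

if __name__ == "__main__":
    for sample in SAMPLES:
        verdict, shown, why = check_attachment(sample)
        print(f"{sample!r:22} shown as {shown!r:16} -> {verdict} {why}")
```

A "scan-then-open" verdict only means the name itself raised no flag; the sender checks and the antivirus scan from the checklist still apply.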

To view file extensions on macOS, follow these steps:

  • Open Finder.

  • In the top menu, go to Finder > Settings (or Preferences in older macOS versions).

  • Select the Advanced tab.

  • Check the box for Show all filename extensions.

    This will make all file extensions visible across Finder. You can also toggle individual file extensions by right-clicking a file, selecting Get Info, and checking or unchecking the Hide extension option.

To show file extensions on Windows, follow these steps:

  • Open File Explorer.

  • Go to the View tab at the top of the window.

  • In the Show/hide section, check the box for File name extensions.

This will make file extensions visible for all files.

Next week, I’ll discuss downloading files and programs from other sources, how to make sure they’re clean, and what to avoid. Until then, stay safe!

  • Sead from CyberWiz