Attachments fall into one of two categories:

  • Benign - Low to no risk, nothing that is intended to cause harm or loss
                  Most, but not all, attachments from people you know are benign.
  • Threat - These can come from people you know or do not know.
                  They can appear to come from companies or organizations.
                  They can come from e-mails you recognize but not sent by them.
                  The e-mail that delivered them usually is short, not personalized
                  with their or your name in the e-mail message.
                  These are, in general, the ones you do not rush to open!

There are a wide number of attachment types that can deliver a infection to your system that is not necessarily going to be caught by your anti-virus or security software.  The "bad guys" are have no remorse for their consequences to innocent people and are like playing "Whack-a-Mole" in attempts to capture as their base of operations frequently change every few days to avoid capture.

The purpose of the attachment may or may not be indicated.  It could include any number of "emotional activators" involving personal safety, safety of others, eminent loss of money or items of value, opportunity for quick easy money, plea for donations to a disaster fund from an unknown solicitor, potential threat to an account you hold, etc.  As the Bad Guys obtain more personal information from hacking large organization you will see these becoming more personal.  Never be embarrassed about questioning an e-mail with an attachment or if something was sent to you by a legitimate person or group.

Perhaps the most dangerous of the attachments is the compressed file, or often called the ZIP File which contains the letters ".zip" at the end of the filename.

Here the danger resides in not being able to readily detect what is inside it without opening it and opening it potentially launches the attack on your computer.  Originally designed to compress large files so they could be e-mailed, the ability to mask the contents creates a tempting vehicle to spread malware to innocent people.

So how do you protect yourself?
  1. Do not open it because someone sent it to you.
  2. If you do not know the sender, do not open it until you can verify who sent it.
  3. Best means to verify it is to CALL VERSUS E-MAILING the person.
    The person who sent it may have hijacked the e-mail account and they will be
    laughing at you when they reply "Of course I sent this to you ... it's OK to open."
    Calling the individual to confirm they sent you that file on the shown date is the best protection you can get.
  4. Normally people let you know in advance if they will be sending you a file so always have a security concern for unannounced attachments.  This is one of the reasons financial institutions (Banks, Credit Unions, Savings & Loans, Credit Card Companies, Loan Companies, etc.) DO NOT e-mail statements to you as it makes it easy to create a deceptive e-mail with a virus attachment.
  5. Other large companies, as a general matter of policy, do not e-mail attachments to you (there can be some exceptions but you generally are told during a telephone conversation that they will send you the e-mail establishing authenticity).  Microsoft and other software companies do not e-mail new releases or emergency or routine updates to their software as it opens the door for the Bad Guys.  You may receive an e-mail in some cases directing them to their web site and you then follow the listed links to get the software.  This increases your safety and confidence in what you are about to do.

So how do I undo something like this?
  1. Remember the old line: "An ounce of prevention is worth a pound of cure?"
    In the on-line electronic communications world this is heavily understated.
  2. If this is an information theft attack to capture your files, it can start within seconds and quickly transfer your files across the Internet and all that you can easily detect is that your disk light stays lit and checking your communications use via Windows Task Manager under Networking reflects a lot of information going across your network connection.  While the damage is done at this point you can disconnect from the Internet to prevent additional information from being exposed.
  3. If this is a information hostage attack, your files are often encrypted making them unusable to you.  You will receive notification where to send often hundreds of dollars to get your data back but only if you act quickly.  Maintaining regular back-up files of your data is now more important than before.  Most if not all of your operating system and application programs can be restored by system utilities or by reloading them from the CDs provided or by your own backup copies.  Unfortunately, most computer owners do not have any backup plan.
  4. If this is a virus or malware attack, it may attach itself to any number of files including operating system, application files and potentially personal files making them difficult or impossible to use without considerable effort and expense.
  5. There are other types of attacks, such as Denial of Service and Distributed Denial of Service, but these are generally aimed at Internet Service Providers and large companies with the intent to disrupt their ability to conduct business or as a distracting activity to a real attack.