This morning I received the below email. Now I recruit people and it seems logical that someone might send me a CV. But when opening this email my alarm bells rang. Why?
- Firstly, I don’t recognise the sender.
- Secondly, I think putting and exclamation mark in the title of the email is a bit odd, don’t you?
- She also doesn’t refer to me or our company by name.
- Her language seems quite abrupt.
- Her Word document is password protected.
- The email was sent at 5.08 in the morning.
Now I don’t have a checklist that I work through, just at quick glance the above makes up a picture that I am suspicious of. Finally, I click onto her name at the top of the email to see the email address is: firstname.lastname@example.org – not a common email address.
The purpose of this email is to try and get you to open the attached Word document. It is possible that there is a macro contained within it that will try and find any weaknesses in your version of Microsoft Word, should you have it on your machine. A while back there were viruses that would redirect your internet browser away from Google to sometime far more amateur and these virus’s were carried through Word.
Now the thing that annoys me most about this is that the sender alludes to being aware of identity theft. Trying to lure me into thinking she is concerned about her own, and my safety. The password could also act to get through certain antivirus too, so it is a double whammy of deceit.
Now most software has introduced patches to stop viruses like this affecting your machines but it isn’t stopping the emails. In addition, if you have the latest version of Microsoft Office – 363, your document is automatically opened in read only and the macro wouldn’t launch. So, taking all the above into account what should you do when you get emails like this?
Do you recognise the sender? Does it make sense that this person would send you this document? If no don’t open it and just delete. It is that simple to keep yourself safe.
There are other steps you could take like blocking the sender and reporting the email address which we will cover in freely accessible lesson plans throughout May. In the meantime you could look at the Online Safety courses on www.learnmyway.com