Tips For Protecting Yourself From Malware Emails

(Ping! Zine Web Tech Magazine) – At first, the news sounds good: spam volumes have declined by half since early 2011 and are at their lowest point since 2007.  Unfortunately, that is no reason to sound the all-clear. Although the number of dangerous or unwanted e-mails landing in inboxes every day is on the decline, the risks they carry have increased considerably. That fact particularly holds true for e-mail that transports malware. eleven, leading German e-mail security provider, has put together five tips to help e-mail users protect themselves against viruses and Trojans.

Do not open unknown attachments
Purported package delivery notifications have become the most popular trick for spreading malware. But alleged telephone bills, social media friend requests, flight bookings, or invoices are used as bait, too.  Recently, eleven observed an attack using fake tax reports (see image).  The trick is always the same:  to get the user to open the attachment, which automatically loads malware onto the computer. Therefore, do not open unknown attachments, especially when you do not know the sender.

Dangerous links
Malware senders do not always “hide” their “goods” in e-mail attachments.  Instead, they link to a manipulated Web site in the hope that users will be more likely to click on a link than open an attachment. For example, alleged social network status updates are misused to get users to visit virus-infected Web sites. Malware is then loaded onto the user?s computer via drive-by. When opened in a browser, the computer is automatically infected (drive-by download). For that reason, the same rule holds true here: if you do not know the sender, do not click on links in the e-mail.

Drive-by spam
Even more perfidious is a scam becoming increasingly popular: an HTML page, integrated into an e-mail, which contains a JavaScript that automatically downloads malware when the e-mail is opened. That eliminates the need to click on a link or open an attachment, but only works when the e-mail program allows HTML and JavaScript. The latter is deactivated by default in current versions of popular programs such as Outlook or Thunderbird, but older clients can pose a significant risk. Check whether your e-mail client allows them; JavaScript in particular should always be deactivated (see image).

Web 2.0 risks
The majority of social networks, including Facebook and Google+, offer their own e-mail services and instant messengers. Users basically have no way to take their own security measures. Use particular caution when exchanging files in this manner. When accepting these sorts of files, make sure to always check them using an up-to-date virus scanner before opening.

Comprehensive virus protection
The most important thing is to have effective protection against virus-infected e-mails. There are two aspects to take into consideration. First, an e-mail security solution that detects both viruses and spam, including new, previously unknown virus outbreaks. eleven’s is a free service for private users and intercepts virus e-mails before they reach recipients’ mailboxes. Those who get their e-mails via an ISP or e-mail provider (e.g. a webmail service) should find out what protection measures the provider offers. For example, eleven protects 1&1 with the GMX and WEB.DE services, O2 and T-Online. Some of these providers require a specific activation for the virus protection. The second pillar is an up-to-date virus scanner on users’ computers. Even though some users are annoyed by virus scanner updates: virus scanners can only work properly when they are up-to-date. Frequent scans of the entire system are also recommended.

Article provided by eleven.