Beware of malicious attachments
For years, attackers have used file attachments to spread malicious software, also known as malware, through email messages. These attachments contain malicious files that allow attackers to steal your credentials or gain access to our University network; your computer is vulnerable as soon as you download the attachment.
Identifying Malicious Attachments
Identifying malicious attachments can be quite difficult as attackers use various techniques to disguise them. However, there are things that will help you identify a malicious attachment in a fraudulent email:
- The attachment is out of context. For instance, you receive a file named “Payroll,” but you work in an unrelated department.
- The attachment is completely unexpected.
- The type of file attached is not related to the subject of the email. For instance, you are asked to review a document, but the file extension is an executable file (.exe).
- The file extension appears to contain two file types: If you receive a file called “wiring_process.pdf.exe,” for example, the attacker might be trying to make the file appear more innocent upon a first glance.
Furthermore, attackers can change the name of the file extension to make it look innocent and they can also hide malicious files in a ZIP file so it is important that you are attentive whenever you receive an email with file attachment.
Remember, information security starts with you!
If you receive an email and you are unsure if the attachment is malicious, delete the email or forward it to spam [at] umanitoba [dot] ca. If you have downloaded an attachment that you think could be malicious contact the Service Desk immediately at 204-474-8600 or servicedesk [at] umanitoba [dot] ca. For more information about Phishing visit http://umanitoba.ca/computing/ist/security/phishing.html