IT Services

Malicious attachments and links

If you are expecting an email from the sender, and the content of the email seems legitimate, then this is usually a good indicator that the email is safe. However, as malware becomes increasingly sophisticated, it is possible for a message to appear to be from someone you know but is in fact a hoax.

  • It is good practice to save attachments and run anti-virus software on the attached file before opening them; even those from people you know. This does not take long – just save the file, right click on the file name, and scan for threats. If the anti-virus software finds a virus you should delete the file as soon as possible and warn the sender they are infected.
  • Trust your instincts: if the style of the email is not consistent with what you would expect from the sender or if the content is vague or blank, it might not actually be from the apparent sender. Contact the sender and check if the email is legitimate before opening any attachments.
  • If the email is unsolicited, the subject is blank or dubious, or the attachment has a dubious name then it is best just to delete the message. You should also be suspicious of links to websites in such messages.
  • Do not click on links in emails without checking their validity – hold your cursor over the link and examine the information displayed in the pop-up. It is safer to enter the address shown in the pop-up in your web search engine to see if takes you to a valid website.
  • If you receive email as html documents, do not download any pictures unless you are sure the sender is valid – opening images in html documents can expose details of your mailbox to third-parties and could be exploited by spammers and hackers.
  • In Outlook, disable the "Preview Pane" view. You can do this by the following steps - View > Reading pane > Off. This prevents you from viewing content you might find distasteful. Having "Preview Pane" view switched off also prevents potentially harmful content from automatically opening.