Description: C:\Users\Gimode\Desktop\LOGO\CAK LOGO-01.jpg

National KE-CIRT/CC Cybersecurity Best Practice Guide of the Week



In This Issue:

* Using Caution with Email Attachments















/Users/timothy/_ke-cirt/Security Tips/Security Tips/USING_CAUTION_WITH_EMAIL_ATTACHMENTS_files/image003.jpg




An Email attachment is a file sent with an e-mail message. One attaches a picture, word document, a movie, a sound file, excel document, or any other file that requires another program to open it. A computer Virus, Trojans Worms or Malware can be attached in disguise of any file format. Unless you were expecting an attachment from the person sending you an e-mail, we suggest not opening the attachment, even if it is from someone you know. Viruses and worms can use address books to help spread the virus and make it appear to be a valid e-mail.


Why can email attachments be dangerous?


Some of the characteristics that make email attachments convenient and popular are also the ones that make them a common tool for attackers:


These are:


1.  An email is easily circulated – Forwarding email is so simple that viruses can quickly infect many machines. Most viruses don’t even require users to forward the email. They scan a users’ computer for email addresses and automatically send the infected message to all of the addresses they find. Attackers take advantage of the reality that most users will automatically trust and open any message that comes from someone they know.

2.  Email programs try to address all users’ needs – Almost any type of file can be attached to an email message, so attackers have more freedom with the types of viruses they can send.

3.  Email programs offer many “user-friendly” features – Some email programs have the option to automatically download email attachments, which immediately exposes your computer to any viruses within the attachments.


What steps can you take to protect yourself and others in your address book?


1.  Be wary of unsolicited attachments, even from people you know

-      Just because an email message looks like it came from your mom, grandma, or boss doesn’t mean that it did. Many viruses can forge (“spoof”) the return address, making it look like the message came from someone else. If you can, check with the person who supposedly sent the message to make sure it’s legitimate before opening any attachments. This includes email messages that appear to be from your ISP or software vendor and claim to include patches or anti-virus software. ISPs and software vendors do not send patches or software in email.

2.  Scan any downloaded attachment before opening.

3.  Ensure your antivirus and Anti-spyware are up-to-date and real time protection is enabled.

4.  Trust your instincts

-      If an email or email attachment seems suspicious, don’t open it, even if your anti-virus software indicates that the message is clean. Attackers are constantly releasing new viruses, and the anti-virus software might not have the signature. At the very least, contact the person who supposedly sent the message to make sure it’s legitimate before you open the attachment. However, especially in the case of forwards, even messages sent by a legitimate sender might contain a virus.

5.  Save and scan any attachments before opening them. If you have to open an attachment before you can verify the source, take the following steps:

                     i.    Save the file to your computer or a disk.

                   ii.    Manually scan the file using your anti-virus software.

                 iii.    If the file is clean and doesn’t seem suspicious, go ahead and open it.


Have the above security tips in mind when operating your computer systems. Report any cybercrime incident/activity

to /

/Users/timothy/_ke-cirt/Security Tips/Security Tips/USING_CAUTION_WITH_EMAIL_ATTACHMENTS_files/image004.png/Users/timothy/_ke-cirt/Security Tips/Security Tips/USING_CAUTION_WITH_EMAIL_ATTACHMENTS_files/image005.png/Users/timothy/_ke-cirt/Security Tips/Security Tips/USING_CAUTION_WITH_EMAIL_ATTACHMENTS_files/image006.png