- This is a excerpt from an article in an on-line newsletter that I subscribe to.
- Don’t open up Word documents you weren’t expecting. So often in these targeted attacks, the attacker uses a Word document attached to an email as an entry point. Modern versions of Outlook are no longer vulnerable in the preview pane, but opening up a document you were not anticipating should never be the first thing you do. I often tell people at ransomware presentations I give that, to the best of my knowledge, I know of no malicious software that goes after both Windows platforms and phone platforms at the same time.Thus if you are ever in doubt over opening an email attachment, take the phone out of your pocket and launch the potentially unknown file on your phone, and not on your computer.
If you have as I hope you do have a spam checker on your PC, save the attachment and scan it.
- Don’t follow links to unknown places Often in these targeted attacks an email will come in enticing the use to click on a link. In the Grizzly Steppe attacks, malicious web pages that were inserted pretending to be Outlook Web access web sites and were used to harvest credentials. I often see emails coming into my inbox indicating that my apple iTunes need to be reset, my Google credentials are no good, or my email access has been limited until I enter in my user name and password. Here’s a rule of thumb: Whenever you get such an email, stop and think if it makes sense to receive it.
- Watch for targeted emails The Grizzly Steppe attacks used several techniques to target, among them social engineering: sending emails with unique subject lines and attachments that would be enticing to the person that the emails were sent to.
- Protect other people If you are sending emails to lots of people use the BCC (Blind copy) so that you don’t reveal those email addresses to everybody!