Home

About
       Services
       Clients
       FAQs
       Our Name

Toolbox
       Demos
          Silverlight
       Widgets
          Facebook Widgets
          Flickr Badge
          Twitter Widgets
          LinkedIn Widgets

Contact Us

Events

Blog
       Twitter

Support
You are here: Blog
 
Register Login
Grog List
  
Search
  
MoonTags
  
Grog: the Green Moon Blog

Email Attachment Safety

Jul 30

Written by: John Dukovich
Friday, July 30, 2010 2:33 PM 

So you get an email message that looks really, really legitimate. The subject and the body of the message actually correlate. There are no typos.  The text concerns a legal matter and the sending email address is a law office. You type in the domain name of that law office into your browser and it comes up with a website for the law office that matches the signature block. The message is notifying you of an important legal issue affecting your organization. Specific information is included in the attached Word document. But something just does not feel right.

Do you double-click the attachment to read it, assuming that if it does contain a virus, your anti-virus software will catch it?  No!!!

Instead, there is a free virus scanning service that you can use. It is called VirusTotal. Simply forward the email to scan [AT] virustotal [dot] com (put “scan” as the subject).  VirusTotal will run the attachment through more than 40 virus scanning packages. It will then email a report back to you. In a recent experience, I received such a message. My embedded scanner did not flag it, so I sent off the message to VirusTotal and it responded that about 20% of the participating scanners found problems with it, such as trojans or worm viruses. That was enough for me to feel confident that deleting the message was my best option.

What if only one or two of the scanners find a problem? That is still worrisome to me. At that point, I would attempt to contact the sender of the message by telephone to see if I could verify the message's legitimacy.

You can also upload individual files to the VirusTotal website. But, that requires you to download attachments to your hard drive first, which is not worth the risk in my opinion.

So, the first line of defense is having an embedded email virus scanner. VirusTotal or a similar service should be used when the embedded scanner does not flag a suspicious message.  You can always try to contact the sender if you are still concerned, but that can be time consuming. Your last line of defense is your own experience and judgment. When in doubt, don't open a suspicious attachment.
 

Copyright ©2010 Green Moon Solutions, LLC

Trackback Print
Location: Blogs Duke's Grog
Tags:
Bookmark and Share
Grog
  
Privacy Statement Terms Of Use
Copyright 2012 by Green Moon Solutions, LLC
Home  |  About  |  Toolbox  |  Contact Us  |  Events  |  Blog  |  Support