How to identify viruses in emails so that you avoid opening them and getting infected.
- Look at the sender’s email address – These addresses can be spoofed to look like someone you know, but they could also be ones with a different country’s domain on them (example.com.ru, or firstname.lastname@example.org).
- Look at the Subject line – Does it create a sense of urgency? These are typically viruses. Does it have 1 word in it but appear to be a response, like “Re: Document”? Final Warning – this is also a telltale sign of a virus.
- Look at the body of the message – If the sender is a recognized sender, does it follow their normal emailing criteria? Does it have a salutation? Is it directed to you specifically, or is it generic (“Hi,” vs “Hi Adam,”)? Does it have a signature for the person who sent it? Does it match the name of the person you identified in the email address above? Does it have the company’s contact information and/or graphics that you’ve become accustomed to seeing if you’ve received mail from them before?
- Look at the content of the body – Is it just asking you to open a file or go to a website link?
- Look at the direction of the message – Does it ask you to open the attached file? Does it create a sense of urgency? With viruses, the purpose of the body is to entice you to open the attachment. A common method is fear and urgency.
- Look at the attachment – Is it a zip file? Is it a PDF? Is it a docx or doc? How big is it? If it’s really small, around 1kb to 22kb, it is most likely a virus. Couple this information with the identifying marks above and you will have a very good indication that it’s a virus. This is not always the case anymore, as I saw 1 virus that had a 440kb PDF attachment, but if you looked at the rest of the steps outlined above, it failed 2, 3, 4 and 5.
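
The checklist above can be run as a triage script over a raw message. This is an added example, not part of the original page: it parses a constructed sample with Python's standard `email` module and returns the numbers of the list items (1 to 6, in the order given above) that the message fails. The `HOME_TLDS` set, the urgency word list, the "three lines or fewer" body threshold and all names in the code are assumptions chosen for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

HOME_TLDS = {"us"}  # assumption: country-code TLDs you normally get mail from
URGENT = re.compile(r"urgent|immediately|final warning", re.I)  # assumed word list
OPEN_REQ = re.compile(r"\b(open|view)\b.*\b(attach\w*|file|link)\b|https?://", re.I)
NAMED_EXT = (".zip", ".pdf", ".doc", ".docx")  # attachment types the checklist names
# Constructed sample, not a real message; the attachment is 2049 filler bytes.
SAMPLE = """\
From: "Adam Smith" <billing@example.com.ru>
Subject: Re: Document
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Hi,
Final warning: open the attached file immediately.
--b1
Content-Type: application/zip
Content-Disposition: attachment; filename="document.zip"
Content-Transfer-Encoding: base64

""" + "QUFB" * 683 + "\n--b1--\n"

def failed_checks(raw):
    """Return the checklist items (1-6, in list order) that the message fails."""
    msg = message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(msg["From"] or "")
    tld = addr.rsplit(".", 1)[-1].lower()
    subject = msg["Subject"] or ""
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part else ""
    lines = [ln.strip() for ln in body.splitlines() if ln.strip()]
    generic = bool(lines) and re.fullmatch(r"(hi|hello|dear)[,!]?", lines[0], re.I)
    asks = OPEN_REQ.search(body)
    checks = {
        1: len(tld) == 2 and tld not in HOME_TLDS,  # unexpected country domain
        2: URGENT.search(subject) or re.fullmatch(r"(re|fwd?):\s*\S+", subject, re.I),
        3: generic or not name or name.lower() not in body.lower(),  # greeting/signature
        4: asks and len(lines) <= 3,  # body does little more than ask you to open something
        5: asks and URGENT.search(body),  # urgency pushing the attachment or link
        6: any((a.get_filename() or "").lower().endswith(NAMED_EXT)  # named type and
               and 1024 <= len(a.get_payload(decode=True) or b"") <= 22 * 1024  # 1kb-22kb
               for a in msg.iter_attachments()),
    }
    return [n for n, hit in checks.items() if hit]

print(failed_checks(SAMPLE))  # items the constructed sample fails
```

A message with a large attachment passes item 6 but is still caught by the other items, which is why the size check is combined with the rest of the list rather than used alone.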