Basic Computer Security/Web Security/Email Security

Padlock


Introduction

edit

During the everyday usage of your email client, it is possible to encounter certain unwanted programs and scripts in some email messages that may be malicious or otherwise harmful for you or your computer.

Before Infection

edit
  • Never share your password with anyone.
  • Keep your device operating system, and anti-virus and internet security applications up to date.
  • Be on the lookout for phishing attempts and spam email. Be careful when opening messages from unknown sources and do not open attachments from unknown sources.
  • When directed by an email to "log in" or "change your password" for an online service that you trust, ensure that the link to do so (if there is one in the email) actually points to the online service. If you do want to visit the online service site, go via the usual web address/URL you normally use. There have been many cases in the past in which users have been told to "change your password", but upon clicking the link to do so, the user would be led to a fake website that resembled the original, resulting in the unknown sender gaining access to the user's credentials of the online service.
  • Be especially careful of messages asking you to perform a financial transaction, especially if you have never received an email from this sender or if the financial transaction is from a service you never signed up for (if this is the case, you may be a victim of identity theft, which is outside of the bounds of this book). An example of this is the "Nigerian scam".
  • Be careful of messages that have no subject, or have a generic subject, such as "hi", or "hello", even if they are coming from a trusted source. Certain viruses and infections have been known to hijack a user's email account and attempt to spread itself by sending a message to every user in the address book.
  • Be careful of messages that contain no text in them, or sometimes only contain a link, as these have been known to lead to malicious sites or other content.
  • Take extra precaution when using public computers to access email. There is no way of knowing whether the computer has been infected with malware and/or if it has a key logger installed.
  • Be cautions when connecting to an open Wifi hotspot. There are various network-based threats that can occur on an untrusted network connection therefore, using a firewall on your device is a good precaution. You may also consider using a VPN.
  • Consider using some form of multi-factor authentication to add an extra layer of security such as Gmail 2-step verification.
  • Report spam to your email provider and/or the relevant jurisdictional authority (e.g. Federal Trade Commission, Australian Competition and Consumer Commission).

After Infection

edit
  • If possible, disconnect the device from the Internet immediately. This will prevent the infection from spreading to others, and in some cases, will prevent the infection from downloading more malicious software to your device. Also, in other cases, this will prevent the infection from communicating login credentials and other personal information back to the source of the threat.
  • Run a virus scan. Most scanners, such as Malwarebytes' or Spybot Search & Destroy, should be able to identify and remove a threat.
  • Once you are sure that the threat has been removed, you may connect the computer to the Internet again.
  • Update your security software: always ensure that your device is up to date with the latest updates and anti-virus/malware updates.
  • Check you email account: if you are are unable to login then it is likely that the password has already been changed. In this case, email providers often have the “I forgot my password” option and will typically send password reset instructions to an alternate email address or mobile phone number. This may involve knowing your secret question. If the password recovery method does not work, you may need to contact your email service provider.
  • Change your email account information: if able to access the email account, immediately change to a strong password. If the account had been compromised, it is important to change the recovery information such as the secret question and alternative email address as the attacker may have had access to this information.
  • Check whether contacts in your email account have been sent spam email from the account. If they have, let contacts on your email address know that your account has been compromised. This will help stop the spam or malware that could be propagating from your email address by alerting your contacts and letting them know not to pay attention to the emails sent from this address during the time the account is hacked.