These are so annoying. You receive an email from a well known or legitimate sounding company saying they want some overdue money or they have paid you money via BACS or they have taken money. Some examples of the different types of emails are:
Email From | Subject | Attachment |
Lucia Santiago | Remittance Advice for 407.84 GBP | BAC863376EI.xls |
Nannie Brewer | Remittance Advice for 722.26 GBP | BAC8587464TN.xls |
Gaynell Aromin | Shipping Information | FICU-73741C-39288.zip |
Claude Peck | Remittance Advice from Anglia Engineering Solutions Ltd [ID 050645V] | ID_809960K.xls |
Accounts Finchley | Bank Payments | 2014_12_09_14_09_19.doc |
soo.sutton850@powercentre.com | INVOICE 224245 from Power EC Ltd | 224245.doc |
Her Majesty’s Tribunals Service | HM Courts & Tribunals Service | Copy2811280.zip |
Santanderbillpayment-noreply @SantanderBillPayment.co.uk | Info from SantanderBillpayment.co.uk | VAT_07067C8A1D.zip |
support@salesforce.com | 2012 and 2013 Tax Documents; Accountant’s Letter | New Data 03262014.zip |
National Institute for Health and Care Excellence | Blood Test Results Email | Test results 114AF-1.zip |
no-reply @ordergateway.talktalkbusiness.co.uk | TalkTalk Business order confirmation | TalkTalk Business order confirmation.pdf.zip |
Lots of different approaches but all wanting just one thing.
To get you to click on the file attachment!
They all use “Social Engineering” this is an approach used by the spammers and virus writers that focuses on the person rather than the technology. So instead of trying to sneak on to your computer they come straight to the front door and knock loudly. They then try to convince the person using the computer they are legitimate and get you to let them in. This is done by fooling you into running their virus because they know your anti-virus trusts you. One of the big weapons your Anti-Virus has to detect new viruses is to look for “Virus like” behaviour. So it will sit on your computer looking for software trying to do things without your knowledge. These guys circumvent this by getting you to run the virus therefore fooling your Anti-Virus.
The different spam emails come with varying types of files. Word Documents and Excel spreadsheets contain malicious macros that execute when you open the document. Those that end in .zip are usually just the virus executable that will run as soon as you double click on the zip file.
The actual email message tends to run to a theme, trying to sound important or urgent and in one particularly nasty one, life threatening. I am appalled how low they would go when they are pretending to be from the National Institute for Health and Care Excellence with blood test results that show cancer!
The other thing to notice when you look at the attachments above is that the file name is computer randomly generated. This is also to try to fool the computers Anti-Virus as giving the attachment that contains the virus a random name the antivirus cannot be told what file name to look for. You will also notice that the filename often also contains the date, this is for your benefit to try to disguise the fact the filename is actually computer generated as that may make you suspicious.
The good news is that these email borne viruses fail completely if you are not fooled. As long as you do not access the attachment and just delete the email it can do your computer no harm. To be safe I would permanently delete those emails. This can be done in Outlook by two ways. Either delete the email and then empty the deleted Items folder (but that removes all email in the Deleted Items folder) or to just permanently delete a single email; Select the email , then hold down shift and press the delete key. Then answer “Yes” when asked if you want to permanently delete the email.