How to identify a malicious attachment in an email




We’ve all heard it before – if you receive a weird-looking email, whatever you do, do not click on any links! Even if it says you’ll win $100,000 and a north-facing beachfront house overlooking the most famous beach in LA, don’t click it! But did you know that opening an attachment can be just as harmful?

Attachments come in many forms: an image, Word document or PDF, to name a few. Attachments are included in malicious emails for a few reasons, but for the most part it is either to steal personal information such as usernames and passwords, to infect your system/computer with a virus, or both.


So how do you know if the attachment you have received is legitimate?

There are a few giveaways in the body of the email (the main part of the email), the subject line and who sent it. First of all, you should question whether you are expecting this email and attachment. If you’re not expecting the email, this should be the first red flag. Do you know the person who sent the email, and is it from the email address you know belongs to this person? This can be a bit tricky to spot, as email addresses can look very similar with only a letter or dot difference. Be sure you look closely!

Next: look at the body of the email – are there any spelling or grammatical mistakes? Does it contain a sentence or paragraph that makes it sound like there is some sort of time frame or urgency to it? If the email pushes you to open the attachment urgently, such as “the attachment contains vital information about your health or the status of your bank account”, this should raise alarm bells. Finally, look at how the person has concluded their email: is it formal, or perhaps just a name, or maybe no conclusion at all?

All of these suggest that not only is the email malicious, but the attachment most likely contains code (that is not visible when opened) to encrypt/infect your computer. In a work environment, this could harm not just your computer but also have a detrimental impact on the rest of the company, as it can also infect the network you are joined to, causing a breach. Just because you haven’t clicked on any links, and your screen has not gone black or blue with a skull and crossbones after opening the attachment, does not mean you’re in the clear. Although the effects will not necessarily be evident at first, the simple act of opening an infected attachment can cause all sorts of chaos.


But what happens if you’ve received an email that you’re in two minds about?

Let’s say you have received an email from Julie in HR regarding upcoming training of a new employee. You read the email, it sounds about right. You know the company is hiring and you do know a Julie from HR but you weren’t expecting to be training anyone because that’s normally Brian’s job. You see it has an attachment labelled “training modules” which would also sound correct because you need some sort of training guideline to train this new person.

In this instance, you would need to phone Julie directly or go down to HR and ask her to confirm whether or not she sent this email. If the answer is “no”, then alert your IT department.


So what should you do if you receive an email with an attachment that doesn’t seem right?

Simple. Don’t click on any links, fill out any information or open any attachments. Raise it with your IT department straight away. They will be able to help you with it and act accordingly.
