Think before opening suspicious email attachments: CERT|CC

More than 15 incidents had been reported by the Computer Emergency Readiness Team/Co-ordination Centre (CERT|CC) regarding the receipt of malware-related applications as an e-mail attachment under the guise of Microsoft Office-related documents, CERT|CC Information Security Engineer Ravindu Meegasmulla said.

He said that internet users caught out by email scams continue to increase.

Mr. Meegasmulla said Microsoft Office files, especially Word documents (DOC, DOCX), Excel spreadsheets (XLS, XLSX, XLSM), presentations and templates, are also popular with cyber criminals. These files can contain embedded macros (small programmes that run inside the file). Cyber criminals use macros as scripts for downloading malware, he said.

These email scams involved the cyber criminal gaining access to a corporate email account through email services," he said.

"Most often, these attachments target office workers. They are disguised as contracts, bills, tax notifications and urgent messages from senior management or from well-known persons with macro-enabled documents (disabled by default for security reasons). If the victim opened the file and agreed to enable macros, the malware was downloaded onto the computer," he said.

Therefore, Mr. Meegasmulla requests internet and email users not to open suspicious e-mails from unknown addresses or DOCX/PDF file to the spam folder should be cleared.

"If you don’t know why a particular message with a particular subject line landed in your inbox, most likely you don’t need it.

"If your work involves dealing with correspondence from strangers, carefully check the sender’s address and the name of the attachment. If something seems odd, don’t open it. Do not allow macros to run in documents that arrive by e-mail unless you’re certain that you have to. If you don’t see why you are being asked to follow a link, just ignore it. If you believe that you do need to follow a link, manually enter the address of the relevant website in your browser," Mr Meegasmulla said.

He requested to use a reliable security solution that will notify you about dangerous files and block them, and also will issue a warning if you attempt to go to a suspicious site, he added. (Chaturanga Samarawickrama)