Tue, 07 Dec 2021 Today's Paper

Think before opening suspicious email attachments: CERT|CC

4 September 2020 04:15 am - 0     - {{hitsCtrl.values.hits}}


More than 15 incidents had been reported by the Computer Emergency Readiness Team/Co-ordination Centre (CERT|CC) regarding the receipt of malware-related applications as an e-mail attachment under the guise of Microsoft Office-related documents, CERT|CC Information Security Engineer Ravindu Meegasmulla said.

He said that internet users caught out by email scams continue to increase.

Mr. Meegasmulla said Microsoft Office files, especially Word documents (DOC, DOCX), Excel spreadsheets (XLS, XLSX, XLSM), presentations and templates, are also popular with cyber criminals. These files can contain embedded macros (small programmes that run inside the file). Cyber criminals use macros as scripts for downloading malware, he said.

These email scams involved the cyber criminal gaining access to a corporate email account through email services," he said.

"Most often, these attachments target office workers. They are disguised as contracts, bills, tax notifications and urgent messages from senior management or from well-known persons with macro-enabled documents (disabled by default for security reasons). If the victim opened the file and agreed to enable macros, the malware was downloaded onto the computer," he said.

Therefore, Mr. Meegasmulla requests internet and email users not to open suspicious e-mails from unknown addresses or DOCX/PDF file to the spam folder should be cleared.

"If you don’t know why a particular message with a particular subject line landed in your inbox, most likely you don’t need it.

"If your work involves dealing with correspondence from strangers, carefully check the sender’s address and the name of the attachment. If something seems odd, don’t open it. Do not allow macros to run in documents that arrive by e-mail unless you’re certain that you have to. If you don’t see why you are being asked to follow a link, just ignore it. If you believe that you do need to follow a link, manually enter the address of the relevant website in your browser," Mr Meegasmulla said.

He requested to use a reliable security solution that will notify you about dangerous files and block them, and also will issue a warning if you attempt to go to a suspicious site, he added. (Chaturanga Samarawickrama)

  Comments - 0

Add comment

Comments will be edited (grammar, spelling and slang) and authorized at the discretion of Daily Mirror online. The website also has the right not to publish selected comments.

Reply To:

Name - Reply Comment

A Sri Lankan giving dignified burials to unclaimed bodies for five decades

After their death, most people are memorialized at a service, surrounded by g

Focus on Laggala Gem mining big shots bigger than the law

The truth is now being uncovered regarding an illegal mining racket in state

How and why the TNA was formed twenty years ago

The Tamil National Alliance (TNA) is now twenty years of age. The premier pol

India lays emphasis on culture diplomacy with Sri Lanka

Indian Prime Minister Narendra Modi wanted to inaugurate the Kushinagar Inter