Identify and Avoid Malicious Emails
Email scams and viruses are an unfortunate reality in today's business world. In this quick reference guide, we provide some tips to help you identify what malicious emails might look like; how you can avoid falling for them; and what to do if your computer does get infected.
Overview
Malicious emails can be disguised as seemingly innocent day-to-day notifications; for example:
- Parcel delivery details
- Email account closures
- Banking information
- Requests for help
- Traffic infringement notices
- Unsolicited resumes
- Delayed instant messages
Scams: Some malicious emails are "phishing" scams that attempt to fraudulently acquire personal information from you (such as your account password or credit card information).
Viruses: Other emails contain viruses that will be stopped by your antivirus software. Ensure that your antivirus software is up-to-date. To find out more, speak to your Fred account manager on 1800 888 828.
Ransomware: Some emails contain very destructive ransomware viruses (such as Cryptolocker) that may not be stopped by antivirus software. Ransomware will encrypt some or all of your data, and tell you that unless you pay a “fee” within a certain number of hours, the key to decrypt your files will be deleted and you will never be able to get your files back.
What to look out for
Be cautious of links and attachments
An email with a virus will always provide a link to click or an attachment rather than giving you all of the information you would expect in the email.
Legitimate organisations may send email notifications to you containing embedded links to legitimate sites. When you receive an email with links to other sites, use the information below to help you determine whether or not the links are legitimate.
One common technique is to include links in an email that look like they go to a legitimate website. Upon closer inspection, the link may actually take you to a website that has nothing to do with the company the email is pretending to be from, even though the resulting website may be designed to look exactly the same.
Simply mouse over (but do not click) any link in an email, and you will see a pop-up that shows you the actual URL that you will be taken to. Here's an example where the displayed link does not match the actual link destination shown:
You can clearly see that the visible link and the real link do not match. If the URLs in your email do not match, or the second URL is not from a domain or company you are familiar with, this is a good indication that this is a phishing email.
Do not open attachments
It is important that you do not open the email or any attachments. Do not open attachments unless you know for sure they are safe. If in doubt, call the service provider to find out whether they have sent you an email with an attachment. It’s common for malicious attachments to arrive in a .zip file format.
No phone contact details
Malicious emails rarely, if ever, provide any phone contact details if you want to call for further information.
Note the greeting used
Malicious emails tend to start with generic phrases like "Dear valued customer" or your email account name, such as "Dear freddy123," instead of your name ("Dear Emily" for example). Most legitimate companies include your name in their correspondence because companies will have it on record (if you have dealt with them before).
Find out who the email is really from
For example, an individual’s name may be displayed as the e-mail address or the email address does not match the organisation name. Click on the email sender’s name to check the email address it originates from. Remain wary though, as the sender’s email address can be forged so it may appear legitimate. The example below shows the sender of an emailed receipt apparently from Apple, but when the sender’s name “Receipt” is clicked in the header of the e-mail, the email address is revealed as follows:
Other clues
The grammar may be awkward, a bit too friendly or a bit too abrupt compared to what you would expect from a reputable firm.
The email may originate from an organisation unlikely to have your email address, e.g. for traffic infringements or parcel delivery.
However, sometimes the emails are very convincing. Take one extra minute to question the e-mail’s validity and if in any doubt, do not open the email, but rather call your service provider to check.
For examples of malicious emails, please visit the Fred Help Centre and see recent posts on malicious emails.
What can you do to prevent scams/virus infection?
- Never send credit card information, account passwords or extensive personal information in an email. Most companies have policies that state they will never solicit such information from customers by email.
- Find out who the email is really from by clicking on the email header.
- Double check any links before you click them by hovering your mouse over the link but not clicking.
- Do not open attachments unless you know for sure they are safe.
- If you receive any emails that seem suspicious, contact the Fred Help team on help@fred.com.au or 1300 731 888 as soon as possible. Provide details about the email, so that we can inform other pharmacies.
- Ensure your pharmacy is protected with strong security measures, including off-site backups, antivirus software, and firewalls. For more advice, contact the Fred Sales team on 1800 888 828.
What to do if your computer is infected
If the CryptoLocker ransomware screen appears, it is important to limit the impact of the file encryption process:
- Disconnect your computer from the internet immediately by removing your network cable or turning off the wireless connection.
- Disconnect any USB storage devices or network shares and turn off any cloud backup services you may be using, such as Dropbox or Office 365.
- Contact your IT service provider as soon as possible and provide details about the email and the computer that is infected.