Secure email practices: how to prevent your device on becoming a zombie?
Has your computer been acting weird lately:
- A part of your hard disk or flash storage seems to have disappeared.
- Your browser often closes for no apparent reason.
- Any inexplicable error messages popping out randomly.
- Your computer takes a long time to start up and shut down.
- Your fan going into overdrive even though your PC is supposed to be idle.
- There are emails in your “Sent” folder you don’t remember writing.
- Some security websites block you from accessing them.
- You can’t download or install antivirus programs or updates.
- Windows Task manager shows suspicious programs you can’t account for.
We do not want to alarm you, but there’s a slight possibility that your computer was turned into a zombie. That’s why secure email practices can greatly help you staying protected.
“Zombie” is the term used when an attacker takes control of your computer without your knowledge. It either steals your data, or makes your computer do things that it normally shouldn’t. It can send out spam or even worse steal your sensitive information and attack other computers.
A zombie computer is similar to a traditional Trojan horse (bad code wrapped inside normal behaving code). Instead of only installing a keylogger and stealing your personal data, zombies will work with other zombies. They form what is called a botnet or zombie army.
The term botnet comes from combining the words ‘robot‘ and ‘network’. Botnets are entire network of computers controlled and instructed to do bunch of things, such as:
- attack other computers (for e.g., DDoS)
- send spam or phishing emails
- deliver malware (ransomware, spyware, …)
- Commit advertising fraud
- other similar malicious acts…
All this can happen without you having the slightest idea about it. All it takes is a browser plugin update you just keep postponing or clicking on a link you don’t know where it leads you to, …. In these time of extreme busyness and short attention span, the odds are forever in the cybercriminals’ favor. Now imagine what an army of millions of computers can do through coordinated attacks.
Secure email practices can help you in avoiding devastating consequences
The foremost vector of malware spreading are emails, for e.g., Locky, a recent ransomware that was distributed via emails to nearly a million victims. Moreover, clever cybercriminals are now using the power of encryption to bypass the conventional virus scanning and spamming checks – making malwares (almost) undetectable.
Following secure email practices will decrease the chances that your device becomes a zombie.
- Don’t click on any suspicious link you’re not sure of / or don’t know where it leads – not even the ones you received from friends or family or social network buddies. Their accounts might have been compromised. It’s safer to be patient and ask them what it’s all about, before rushing into clicking on the link. Check this blogpost for more details.
- Do not download any attachments that you never requested
- Avoid opening spam messages – and especially don’t click on links that say ‘click here to unsubscribe/etc…’ as they will mostly do the opposite (run a malicious program, …)
- Beware of browser plugins/add-on’s and non-trusted apps – and avoid giving them unnecessary permissions.
- Install mobile apps with extreme caution – and avoid clicking on fancy ads that normally leads you to watering holes using malwertising.
- Don’t use pirated, cracked, or otherwise illegal copies of programs – only download them from trusted sources.
- Pay much attention when opening content from encrypted emails – as encryption could have been used to hide malicious content.
Remember: there’s no full-proof prevention mechanism here – the key is caution !