Clicking on the wrong website links, wrong advertisement links, wrong email attachments and filling in the wrong online forms can expose you, your colleagues, your family, your employer and your friends to significant risk of:

• Identity theft
• Stolen online funds
• Lost data
• Lost access to online accounts
• Future unknown risks

1. Email

• Never open attachments from anyone you don’t know or don’t expect to receive something from.
• Confirm with the sender what an attachment is before opening if it is unexpected.  If you hit reply to the message, does the To: address look correct? Malicious emails will spoof the sending address so when you reply, the recipient often will not look correct.
• Never “Enable Macros” or download or install Plugins if ever prompted without fully knowing the validity of file. Malicious PDF and Office documents may try and trick you into running malicious code.
• Never click on links within emails without confirming them with the sender.  Emails with fake links often report to take you to a GoogleDrive, DropBox or Banking sites but instead send you to a malicious site that will prompt you to download, run or outright infect your machine.
• Be very suspicious of emails from your bank, IRS, FedEx, USPS and other institutions with links and requests for information. If there is any doubt about the legitimacy of an email or link, go directly to the institution’s website or contact them directly by phone.
• Do not “unsubscribe” to unwanted emails unless it is from a trusted source that you are aware you signed up for.

2. Web browsing

• Be very careful about clicking on Sponsored links and advertisements when performing web searches (Google, Bing, Yahoo, etc.). Perpetrators of malware buy ads and insert malicious code and links to try and get more exposure for their malware. Google search results, which appear below the paid advertisements, are safer as they cannot be as easily manipulated to show up on the first page.
• Be very cautions about clicking on and opening files and programs downloaded from the Internet and only open those from known legitimate sites.
•  Don’t install or open any files and links that pop up on the screen unexpectedly. Sometimes malicious software will purport to be an update to valid software like Adobe Flash. If you think your software may need to be updated, close the window and go directly to the software publisher’s web site itself.
• Full screen prompts about your computer being Infected should be treated with great caution. This is frequent technique to get users to click on or run files that will infect your machine. See if the window can be closed and reboot the computer if necessary and contact someone who can help evaluate if your machine has actually been compromised.
• Never search for license key generators, movie downloads, music downloads, free software, torrents, etc. as they are almost always gateways to malware. 

3. Phone

• Never accept calls from Microsoft, government agencies, your bank or any other institution that you’re not expecting, that are looking for information, login info or access to your computer. This is a common tactic to gain access to your computer and other information to defraud you.

4. Wire Policy

• All wire instructions should always be independently verified by outbound phone call.  Secure emails, emails or inbound phone calls should be considered sufficient to process wire instructions. 

If you ever have any doubt or question regarding the legitimacy of an email, attachment, or website, please feel free to reach out to Mantra Computing. If you do have an instance where you feel your computer is infected, the best course of action is to turn off your computer and give Mantra Computing a call to assess the situation and help determine the appropriate next steps.