All businesses are subject on a regular basis to scam emails with scam links including an unsubscribe button.
Please remain forever vigilant, as a simple naïve mouse click on such a link/button is potentially the point of no return. It is the initial phase of a full blown security breach which could close down your business and bankrupt it.
If you are very careful, you can right-click over the “Unsubscribe” option and copy the hyper-link into notepad or word to take a closer look at it. It will expose the website to which you would have been taken, were you to foolishly click on it. And that website could be any legitimate website, such as parfreymurphy.ie where the malicious actors have put in the effort to hijack the web-site, so that they can inject malicious code into the workings of any existing page. Or indeed create a brand new page to propagate their malicious code into the local PC of the unsuspecting visitor.
If somebody does click on such a baited link, only to realise moments later that they’ve been duped, quick reaction time can mitigate the danger, and prevent it from turning into a full scale security breach. which must be reported to the GDPR commissioner.
A superficial action that can merely get rid of the annoyance factor of repeated emails from the same sender, is to right click the email as it rests in your inbox, without opening it, and scroll down to the “Junk” option, and then click the “Block Sender” option.
Guidelines:
Informing and training staff is the best defence against security breaches, because effective protection technology does not exists to automatically protect against attacks. That is why, induction training for all employees should hammer home the importance of not clicking on links embedded in email without first:
Investigating the bona fides of the link in question – Is it absolutely necessary to click on it?
How do I find out?
- You have to contact the supposed sender to enquire and find out.
- Do not use the convenience of Reply-To-Sender to inquire, or you are potentially feeding more intelligence back into the hands of the attacker.
- Best approach is a phone-call or a free Whats-app call or text, to enquire from the supposed sender
If its not business related – you can choose to ignore it.
If you are still unsure of the legitimacy of the link, after investigating, inquire further, or seek advice from others – but do not click.
Regular reminders of the company’s protocol for working with links embedded in emails should be circulated to all employees , perhaps a frequently as once per quarter. And the best practice is paraphrased as follows:
Do not click on a link embedded in an email until after you have investigated, with due diligence, to ascertain with 100% confidence, that it is a bona fide link. Also, as the question, is there a good business reason why you need to engage with it.
If you heed the advice above, you should avoid 95%+ of attempted security breaches.
And finally, to err is human, so emphasise also, to all users, the protocol to follow in the event that you do naively click , only to realise moments later, that you were duped:
Isolate the PC immediately, to contain the unfolding attack. Time of the essence, once the click event has happened.
If you can do it quickly, pull out the Network cable from the back of your PC and/or disconnect the WiFi.
This is essential to isolate the attacker from the valuable data they are trying to extract from your PC. It also prevents contagion and the potential spread to the server and every other PC on the office network.
If unsure about how to break the Network connectivity, i.e. to pull out the network cable and/or turn off the WiFi connection, then proceed to the next points regardless – ASAP.
Power down your PC ASAP, regardless of whether you were able to isolate it from the Network or not.
Bear in mind that malicious software can easily deny you the right to shut down windows using the normal methods, part of the attacker’s defence strategy.
So if you are losing valuable time and losing in your attempt to shut-down you PC using your normal approach, then:
- Use the Non Maskable Interrupt (NMI) which overrides all software control and forces a shutdown, irrespective of any other input to the contrary.
- To execute an NMI Shutdown, press and hold the power button for a slow count of 6 seconds and watch the lights go out.
Hopefully before your lights go out!
Timing and speed are of the essence, and so, if you manage to isolate your PC quickly, you may mitigate the potential breach rendering it to the level of a frightening close call!
Leave the machine in the powered down state, until it can be checked out and cleaned professionally by your IT Admin.
Remember most breaches start out with a simple mouse click on a baited link.