What can seem like a harmless “download this attachment” email can turn sour quickly.
People and email providers have gotten much better at detecting malicious emails, but attackers continue to get more inventive. And as long as these types of scams keep working, attackers will continue to use email to lure people into traps to steal sensitive information.
This article explains how to stop malware emails, helps you recognize malware in emails, and talks you through important steps to avoid and prevent malware. There is also a FAQ section towards the end.
How to Stop Malware Emails
Malware is one of the biggest threats to any device. Hackers use phishing attacks to target emails and access private data, and business email compromise (BEC) attacks are on the rise. There are, however, ways to stop it. Both a short answer and a long answer are included below.
Your email provider should already be stopping malware.
Proper email security protects the sensitive information in email communications from various types of cyberattacks (ransomware, worms, spyware, different types of malware, other cyber threats), protects against unauthorized access, and prevents loss or compromise of one or more email addresses. Email security is necessary for both individuals and businesses alike, and there are multiple measures your email provider should take to increase it.
Malware can spread and infect devices and networks after someone opens a malicious attachment or link. USB drives can sometimes also contain malicious programs. Email attachments can contain code that causes your computer to download additional malware from the internet.
As attacks become increasingly difficult to combat and more sophisticated, it’s critical to know the foundation of email security and what to look for when choosing an email server / provider and relying on them to stop attacks.
The foundation of email security lies in the following three components:
- The envelope – the path the email takes to get to your inbox
- The header(s) – contains information about the sender, recipient, and various authentication details
- The body of the message – what you read and reply to (the contents of the email).
The authentication methods — SPF, DKIM, and DMARC, which rely primarily on DNS records — verify the sender and prevent email spoofing. Email providers employ all of these measures and additional email security solutions to keep individual and business email accounts safe.
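The following Python sketch is an added example, not part of the original article or any provider's code. It compares the envelope sender with the header From and reads the SPF, DKIM, and DMARC verdicts that a receiving server records in the Authentication-Results header. The sample message, the domain names, and the simplified alignment rule are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not real traffic). The visible From claims a bank,
# while the envelope sender recorded in Return-Path is an unrelated mailer.
RAW = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=bank.example.com
From: "Bank Support" <support@bank.example.com>
To: user@example.org
Subject: Urgent: verify your account

Please download the attached form.
"""

def domain_of(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def auth_summary(raw):
    """Summarise envelope/header alignment and the recorded auth verdicts."""
    msg = message_from_string(raw)
    # Only trust an Authentication-Results header stamped by your own
    # receiving server; a sender can insert a forged one further down.
    results = msg.get("Authentication-Results", "")
    verdicts = {m: "missing" for m in ("spf", "dkim", "dmarc")}
    for method, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results, re.I):
        verdicts[method.lower()] = verdict.lower()
    envelope = domain_of(msg.get("Return-Path"))
    header_from = domain_of(msg.get("From"))
    # Simplified alignment (assumption): same domain or a subdomain of it.
    aligned = bool(header_from) and (
        envelope == header_from or envelope.endswith("." + header_from))
    return {"envelope_domain": envelope, "from_domain": header_from,
            "aligned": aligned, **verdicts,
            "suspicious": verdicts["dmarc"] != "pass"}

if __name__ == "__main__":
    for key, value in auth_summary(RAW).items():
        print(f"{key}: {value}")
```

In the sample, SPF passes because it only validates the envelope domain, yet the message is still flagged: the header From is a different domain and DMARC fails.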
Axigen, for example, has a full security feature set, including incoming and outgoing security options with things like encryption, AntiVirus filtering (with Kaspersky), DNS checks, and anti-impersonation options for added email security.
Is It Really Malware? How to Recognize Malware in Emails
Be aware of any of the following signs that your email may contain malware:
- Unfamiliar email address – if the sender’s email address doesn’t match the (expected) company’s name or is entirely unfamiliar, there’s a good chance it contains malware. Keep an eye out for misspelled sender addresses or legitimate ones with slight variations (adding or omitting one letter), as these are phishing emails that may contain malware.
- Non-personalized greeting – if the email begins with a generic greeting (“Hi everyone” or “Dear Sir or Madam”), it may contain malware.
- Encouraging the download of an attachment or clicking a link – watch out for emails that direct you to download an attachment or click a link. In most cases, these lead to malware.
- Suspicious attachment – be wary if the email contains an attachment you find suspicious, particularly one with an extension such as .rtf, .exe, .pdf, .xls, etc.; these file types are known carriers of worms and malware.
- Plain text or no logos – malware emails rarely contain images or logos and have plain formatting (and sometimes incorrect spelling).
- There’s a sense of urgency, strange requests, or threats – cybercriminals will try to get recipients to act quickly with keywords like “urgent” or “sensitive”, request payment for someone / something, or threaten that something will happen if you don’t follow through with an action. Remember, emails requesting money are illegal, so, just as you take care not to forward chain messages, be wary of emails like this, which contain malware.
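Two of the signs above can be checked mechanically: a sender domain that differs from a known one by a single added, omitted, or changed letter, and an attachment whose extension is on the list. This Python sketch is an added example, not from the original article. The known-domain set and the sample values are assumptions, and the extension list is the one named above.

```python
from email.utils import parseaddr

# Assumptions for this sketch: the domains you normally receive mail from,
# and the attachment extensions named in the list above.
KNOWN_DOMAINS = {"example.com", "payments.example.org"}
FLAGGED_EXTENSIONS = {".rtf", ".exe", ".pdf", ".xls"}

def edit_distance(a, b):
    """Levenshtein distance: each insert, delete or substitution costs 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_of(from_header):
    """Return the known domain this sender appears to imitate, or None."""
    domain = parseaddr(from_header)[1].rpartition("@")[2].lower()
    if not domain or domain in KNOWN_DOMAINS:
        return None  # missing, or an exact match with a known sender
    for known in sorted(KNOWN_DOMAINS):
        if edit_distance(domain, known) <= 1:
            return known
    return None

def flagged_attachments(filenames):
    """Return names whose final extension is flagged.

    Only the last extension counts, so 'invoice.pdf.exe' is caught as .exe.
    """
    hits = []
    for name in filenames:
        dot = name.rfind(".")
        if dot != -1 and name[dot:].lower() in FLAGGED_EXTENSIONS:
            hits.append(name)
    return hits

if __name__ == "__main__":
    print(lookalike_of("Billing <billing@exmple.com>"))
    print(flagged_attachments(["notes.txt", "invoice.pdf.exe", "Report.XLS"]))
```

A single-edit threshold misses swapped letters and character substitutions from other alphabets, so treat a clean result as one signal among several.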
Let’s Stop Malware in Its Tracks — How to Prevent Malware Email Attacks
A good email provider will recognize malicious attempts and stop them with various security measures, but some may still manage to slip between the security cracks. Below are some best practices to keep your inbox clean and free of any potential malware attacks in case this does happen:
- Do your homework – ask yourself if you know or are familiar with the sender (sometimes the sender is a legitimate service or company you use or make purchases from), double-check the spelling of the email address and any names mentioned in the email body, and ensure any attachments or links are legitimate before clicking them.
- Avoid suspicious websites – don’t enter any sensitive data into a website that looks suspicious. Prior to installing any new software, look into the program (and reviews) to ensure the installation will be legitimate. You may choose to download an extension for your browser or device, such as DuckDuckGo, for additional safety and privacy.
- Turn on automatic updates – install updates on your devices as soon as possible if you don’t have the option for automatic updates.
- Enable two-factor authentication – the Google Authenticator extension for your browser can give you an extra layer of protection when accessing sensitive data. Additionally, always choose strong and unique passwords for each of your accounts, and change them frequently.
- Turn on your firewall – ensure your firewall is correctly configured and on at all times.
- Unsubscribe from websites you don’t want to hear from – get rid of those pesky ads that can contain malware when you least expect it.
- Refrain from posting your email address publicly and don’t forward chain mail – never reply to chain mail either; replying will get even more spam in your inbox.
Email Malware FAQs
What happens if you click on a spam email?
If you end up clicking on a spam email, don’t fret: nothing will happen as long as you don’t click on a malicious link or attachment. If you clicked on a link and something is off, follow the steps below to do damage control:
- Don’t fill anything out if you were redirected to a new page where you were asked for personal information. Don’t reply to or forward the email, and close the page as soon as possible.
- Get offline immediately to avoid the malware spreading to other devices within the same network.
- Use antivirus software to do a complete device scan while still offline.
- Change your login credentials for your most important accounts as soon as possible, as this information is in jeopardy following an attack.
How do I check my email for malware?
Luckily, most modern email providers have AntiVirus protection to scan for viruses and malware within emails. They automatically reject malware emails and notify the sender of the threat. If you want to be extremely cautious, follow the best practices mentioned above.
Additionally, for personal use, you may download anti-spam software for more features. This kind of software won’t work against all types of advanced malware attacks, so businesses, especially those with multiple email accounts, should work with Axigen for the best protection.
Can I get malware just by opening an email?
No, emails are essentially like web pages, and it should be safe to simply open them. Always be aware of suspicious links and attachments within the body of an email.
How do I get rid of malware?
If a malware attack was successful, there are ways to get rid of it by following these steps:
- Disconnect from the internet
- Enter safe mode
- If a suspicious update or app was installed (which you think gave you the malware), close the application if it’s running
- Run a malware scanner (a different one than the AntiVirus program you already have)
- Clear your cache.
If these steps don’t resolve the issues, completely reinstall your applications and operating system from scratch. Before doing this, back up all your files to an external drive.
What do malicious emails look like?
- Covid-19 related attacks – UK National Health Service spoofing email urging the recipient to reply within a certain amount of time by clicking on a (phishing) link to receive a travel certificate.
- Information-themed emails – Microsoft Defender for O365 credential phishing email with suspicious attachments.
- Finance themed emails – Symantec MessageLabs link email urging the recipient to review a fax document by clicking a suspicious link.
Be Prepared to Defend against Malware
Now you know how to recognize malware and the best practices to prevent it. If you've indeed been the target of a malware attack, follow the steps in our article and make sure to guard yourself in the future.
Hopefully, you never have to personally deal with it again, but if you do, you’ve got this guide to fall back on. Remember that even if you open malware emails, you are generally safe as long as you don't open attachments or click links. And keep your network safe too by following these best practices both at home and in the workplace.
If your workplace is constantly dealing with malware attacks, you might be in need of a new email server. Remember that Axigen guarantees secure reception, transit, and email delivery and protects your confidential data against viruses and other malware attacks. It does so automatically, so you don’t have to worry about whether or not an email is “phishy” ever again.