Within the last decade, there has been an uptick of incidents where police are called to evaluate a “suspicious package”. Inevitably, the bomb squad is called in and at times the item is destroyed or blown up in a controlled manner to neutralize the threat. No chances are taken and safety is not compromised on the off-chance that something sinister lurks within.

On a much lesser scale, caution must be placed on opening email attachments “packages” that are received without prior notification. These seemingly harmless files may appear to come from trusted sources, local businesses and organizations; however, if you are not expecting a file or attachment, it is of utmost importance not to open one. It may not cause you bodily harm, but it can expose your bank to hackers wanting to steal confidential information.

There are many telltale signs that an email could be from a malicious source, including:

Unexpected – you are not expecting an email from the sender, this should raise some red flags.

Prompt for Additional Information – asks for username, password, or pin information; typically a sign that the email is phishing for your restricted information. Once they get this information, they can sell it or attempt to use it to access your personal accounts.

Winning Big – tempts you with a big deal or win that you must click on to claim, but all you do is lose. But hurry, you only have 30-minutes to claim!

Unprofessional Presentation – an all text or all image email may be a giveaway that the sender is not who they say they are, along with misspelling or grammatical errors.

Threatening Actions – click now or you will be deactivated. Fear tactics are used to scare you into sharing your information.

Sender Details – hovering over the sender information typically pops up the full sender’s address, check the domain (after the @) for accuracy and validity. Any scammer knows you can change the display name to anything as a clever mask.

There are a couple of free web resources available where you can upload an email attachment to have it analyzed to determine if it is legitimate or poses a threat.

Virus Total/Hybrid-Analysis – upload the suspicious attachment to have it fully scanned (never open them) and enter or search any URL links/email domains from the email to ensure they are valid.

https://www.virustotal.com

https://www.hybrid-analysis.com/

The quickest and easiest way to neutralize the threat is to simply delete the email altogether. You can also copy the sender email address and add it to your blocked or spam list to prevent further attempts from the same sender.

If the sender looks to be valid, make contact directly with the person or organization to ensure that they actually sent the email. This simple maneuver can keep you safe and unexposed.