Software from Untrustworthy Sources
?
… may contain malicious code, such as viruses and Trojans.
… is distributed via phishing emails.
… can also be distributed via seemingly harmless Office files.
?
Only install software from trustworthy sources:
- Use search engines to find out more information about the manufacturer and to read testimonials from other users.
? If possible, use the manufacturer's website for downloads. Encrypted pages can be recognized by the https abbreviation in your browser's address bar.
Take a close look at email attachments:
- Do not open potentially dangerous file formats such as .exe, .bat, .com, .cmd, .scr, or .pif.
- Only open Office files if you are sure that the source is trustworthy.
When exchanging files via email, check whether you can trust the sender:
- Watch out for letter sequences that are confusing, swapping letters that look similar, or a foreign domain (i.e., the ending of the email address).
- Also, check the subject line and text for spelling and meaning. Fraudsters often make mistakes in these areas.
- Be skeptical if you are asked to respond quickly.
- Email signatures are an additional protective measure that ensures the sender's address and the content of the message.
You should always refuse to activate macros when opening files, unless you are specifically working with them.
If in doubt, speak to your IT contact.
Three Checkpoints for More Email Security | BSI
Scrutinize every email. If checking the three key points – sender, subject, and attachment – does not provide a clear picture, the BSI advises deleting emails before opening them. If you are unsure, ask the sender personally if they sent the email before opening it.
Source: BSI
Phishing | BSI
Spam not only clogs email inboxes and instigates fraud attempts, but it also often infects recipients' systems with malicious programs that spy on personal data. This type of cybercrime is called phishing, an artificial word made up of "password" and "fishing".
Source: BSI