Schedule a Call
Need Support Right Now?
Client Area

What is a Virus?

Vishva Thacker on April 24, 2020

[et_pb_section fb_built=”1″ admin_label=”section” _builder_version=”3.22″][et_pb_row admin_label=”row” _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text admin_label=”Text” _builder_version=”3.27.4″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”]

An email virus comprises of malicious code that is distributed in email messages, and this code can be activated when a user opens an email attachment, clicks on a link in an email message, or interacts in a totally different way with the infected email message.

Email viruses are mostly spread by causing the malicious message or attachment to be sent to everyone in the victim’s address book. Recipients can find it difficult to identify specific email messages containing malware since these messages appear as if it has been sent from a known and trusted sender. This is true in the case of phishing attacks carried out to further business email compromise attacks.

Types of Email Viruses

Ransomware: Mostly delivered through emails, ransomware encrypts the victim’s data and then demands a fee to restore it. The motive for ransomware attacks is mostly monetary.

Phishing: Phishing employs manipulation to trick victims into revealing logon data or other sensitive information that criminals use or sell for malicious purposes. Generally, a phishing attack comprises of an authentic-looking sender and a message that is socially engineered. The recipients who believe that the message is from a legitimate source and end up opening infected attachments or clicking on malicious links.

Spoofing: Email protocols lack efficient mechanisms for authenticating email addresses and hence hackers are able to use addresses  that are very much like legitimate ones, tricking victims into believing that fraudulent emails they receive are from a trustworthy individual.

Whaling/Business Email Compromise: Business Email Compromise (BEC), also referred to as “whaling”, target’s an organization’s biggest fish. In this type of social engineering scam, an attacker sends an email to someone in the organization that has the potential to execute a financial transaction. The email appears as if it is from the CEO or another authorized individual, and demands for an instant financial transaction such as a vendor payment, wire transfer, or direct deposit.

Spam: Spam continues to be a major challenge for organizations even though a number of attempts have been made to filter out unwanted emails. While the most normal type of spam is simply considered a nuisance, spam is also frequently employed to deliver malware. For instance, ransomware is most commonly delivered through spam and thus alerts all organizations to carefully assess spam for dangerous intent.

Key Loggers: Criminals behind the most damaging data breaches always utilize stolen user credentials. A keylogger is considered to be one effective method used by criminals to obtain passwords and IDs. This is mostly delivered by emails when victims unknowingly click on a malicious link or attachment.

Zero-Day Exploits: A zero-day vulnerability refers to a security weakness that is not known to the software developer. The security hole is exploited by hackers before the vendor has developed a fix. Zero-day attacks are mostly delivered through malicious emails, and hackers use them in order to gain unauthorized access and steal sensitive information.

Social Engineering: Social engineering is used by cybercriminals in order to build trust before stealing confidential data or user logon credentials. In social engineering attacks, a computer criminal acts as a trusted individual and engages in a conversation to gain access to a company’s network. The attacker tricks the victim into disclosing passwords, IDs, and sensitive information, or forces them to unknowingly perform a fraudulent transaction.

How To Stop spam and Email virus

Consider employing the tips given below to prevent an email virus from infecting your client device or network:

  • Use antivirus software.
  • Scan all attachments for malware.
  • Refrain from opening potentially dangerous attachments, such as PDF files, that have been included in email messages from unknown senders.
  • Don’t click on links provided via email messages, and watch out for phishing email messages that appear to be sent from authorized sources.
  • Keep the mail client, operating system, and web browser updated and patched.
  • Do not open any executable files included as email attachments. Attackers may try to disguise these files by naming them with two extensions, such as image.gif.exe, but .exe is indeed the sign of an executable that will run automatically.
  • Don’t give out your email address to websites that are unsecured. Even if the site holds up, malware and viruses can still snag your address, making it easy for them to send a fake email with a virus your way.
  • You can stop spam and email virus attacks by getting a text preview in your chosen email service. Content previews give you a glance of the content in the email by minimizing your need to click on the email in order to ascertain its subject matter.
  • If an antivirus program sends you an email telling you that your computer has been infected, always make sure to verify the information via your antivirus software before opening the email. These programs are less likely to correspond via email than interface messages.

3 Ways an Email Virus Infects Computers

Individuals and institutions need to invest more resources into email protection to keep email virus at bay. Although an email virus looks simple, one must not underestimate its capacity to damage your computer. More email protection is necessary considering the possibility that a cybercriminal is behind the email virus.

In order to gain more email protection, consider what parts an email virus may be hiding in an email so you can guard yourself accordingly.

How an Email Virus Is Delivered to Your Email

Top 3 Ways an Email Virus is Delivered to your Email

  • An Email Virus in Phishing Email
  • Email Virus in an Attachment
  • An Email Virus in the Body of the Email

1. An Email Virus in Phishing Email

An email virus may only be the beginning of a targeted effort to gain your personal information. Some hackers could be aiming for sensitive data in your account or in some database you have credentials. Aside from upping your email protection, you will need to increase your vigilance as well. The hackers may have done research and used social engineering to design a phishing email to get your data.

In this case, email protection needs to be complemented by self-awareness and gut instinct. If you don’t know how a particular company got your email or you don’t know the person emailing you, it’s better not to touch the message as it may contain an email virus.

Also pay attention to the web address inside the email and remember if it’s the same one you log into. If there’s a change in the email address, verify with the institution if they had their domain changed. Sometimes changes in the address are so minute so you will need to be more detail oriented than normal. A little care is better than additional email protection.

If you’re aware that the email is a hoax, kindly delete it and don’t pass it along anymore. Start a practice of being very selective of what messages you pass along so you become a part of other people’s email protection in a way. This will also lessen the chance for an email virus to spread.

2.Email Virus in an Attachment

The most common way an email virus gets delivered is through the email attachment. Again, for better email protection against an email virus, you will need to be vigilant and do not open the attachment if it is not from someone you trust. And even if you trust the sender, you will still need to check the file name of the attachment.

Email virus often take the form of an executable file, therefore be very suspicious of anything that ends with the following extensions:
.dll
.exe
.com
.pif
.js
.scr

or anything that might have scripts in it: .doc
.dot
.xls
.xlt

If you have antivirus on your computer, you can download the message but do not open it. Get your antivirus scanner to check for email virus. This can help clean the file for you. However, for the best email protection, your company or yourself can get Comodo’s Antispam Gateway. This particular software weaves three layers of email protection in a command console, containment technology which isolates email virus and let’s it run from a safe environment inside your computer, and advanced filters and algorithms which are wired to weed out threats inside your email. What better email protection is there?

3. An Email Virus in the Body of the Email

An email virus can likewise be embedded inside the body. However, much like email virus in attachments, email virus in the body also disguise themselves rather well. There are two ways they can compromise your email protection. First, they can disguise themselves as links. You may think you are safe inside your email account so you don’t need email protection anymore. That’s wrong. First, if you click on a link, you can end up opening an infected site which will install an email virus in your computer.

Second some email virus may pose as simple HTML code. So the best email protection advice in this scenario is to avoid enabling HTML in your account and stick to the standard view. That way an email virus will not have the chance to install itself.

Now you know where an email virus can be placed within your email. You’ll get the best level of email protection as long as you pair any solution you have with common sense and vigilance. This way even if you have a full suite of email protection software installed in your computer, no email virus will go past you in case your software fails. The best email protection is still you.

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]

What Are The Benefits of Anti-Virus Software?

SandraNet on August 8, 2017

One of the most important things is to stay ahead of the attacks with updates and real time protection. Without this, there is very little that may be done once the malware assaults, other than rebuilding the machine or hiring an IT company to clean the virus from the machine and THEN install an anti-virus application.

Yet another form of Ransom-ware!

SandraNet on June 8, 2017

[et_pb_section fb_built=”1″ admin_label=”section” _builder_version=”3.22″][et_pb_row admin_label=”row” _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text admin_label=”Text” _builder_version=”4.9.0″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” hover_enabled=”0″ sticky_enabled=”0″]

Your screen just went to this:
What do you do?

It could be a Ransomware – Just look at that color!!!

Ohh NOOOOO!!!!
Do you call the phone number?
Do you click on the page and find as many links as you can?

NO! STOP! SLOW DOWN! IT’S REALLY A DOOR TO RANSOMWARE

This is the doorway for ransomware that will only bring you sadness and destruction.
There are a couple of tell-tale signs that will only bring you sadness and destruction. There are a couple of tell-tale signs:

The URL. In most cases, it is something that should throw red flags. In THIS case, it is virus.com…
Windows Security Essentials does not send a phone number to their help desk and that hints towards a potential ransomware attack. Many times, ransomware attacks can also come through email viruses too.
You may not even have Windows Defender turned on, but it will never blank out your screen with an error, it might send a “notification”.

What should you do?

  1. You will want to start the Task Manager. There are two ways to get to it:
    <Ctrl><Alt><Del> at the same time
  2. Right click on your taskbar
  3. Select the browser you are in (Chrome, IE, Firefox)
  4. Select “End Task”. (this will close out the application
  5. Download an Anti-Malware app for example:
  6. Call Sandra Network: 978-535-0202 #3 or email: [email protected]

Sandra Definition

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]

Do you wanna cry? Call Sandra Network!

SandraNet on May 15, 2017

There is a new form of Ransomware out there, once again, Called WannaCry.

WannaCry

WannaCry Man

It encrypts the files on your machine, THEN demands an average of $300 in bitcoin. If payment is not received within three days, the demand doubles. Should, no action be taken after seven days, the affected files will be deleted.

What if I do not want to run my Windows updates, because some software will no longer run properly?

What can you do to prevent the WannaCry ransomware? There are steps that may be taken, should you not want to update Windows presently. The entry of the virus to your device, which is dependent on a gap in the Windows system and the gap is present in all types of Windows is that the feature is open. If you did not update your windows, turn off SMP . following are the steps.

  • Control Panel\Programs\Programs and Features.
    • Select the Turn Windows features on or off option on the left
      Control Panel WannaCry

 

 

 

  • Remove check box SMB1.0/CIF File Sharing Support
    • File Sharing Support WannaCry

 

 

 

 

 

  • You must restart your computer to complete this change.
    • Once this is completed,  you are safe from this specific ransomware.

Keeping updates in order is usually the best option to prevent the introduction of WannaCry ransomware, but it is always good to STILL follow these guidelines:

  • If you receive a message from your friend with a link, ask him before opening the link to confirm, (infected machines send random messages with links).
  • Keep your files backed up regularly and periodically.
  • Be aware of fraudulent e-mail messages that use names similar to popular services such as ‘PayePal’ instead of ‘PayPal’ or use popular service names without commas or excessive characters.
  • Use anti virus and Always make have the last update.

If you still run into any issues, or it is too late, please contact our Support at Sandra Network

Avoiding a Virus in the New Year

SandraNet on January 10, 2017

[et_pb_section fb_built=”1″ admin_label=”section” _builder_version=”3.22″][et_pb_row admin_label=”row” _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text admin_label=”Text” _builder_version=”3.27.4″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”]

There are times when even the smartest and most careful people fall into a trap and are duped into pushing that “save” or “open” button, creating a Virus on their machine. The message looks plausible, but before you push the button check a few things out…

  1. What is the URL? Does it show the page displayed is being sent from Firefox/Mozilla?
  2. An executable file has the extension .exe. In this example, notice this is .js. This is a (java)script the site is attempting to run on your computer and it may collect personal information, or be a virus ready to spread into your system.

 

If any of this seems suspicious or you think it’s a scam, the best thing to do for assurance is to actually navigate to the Firefox download site. https://www.mozilla.org/en-US/firefox/new/?v=1
If this installer is downloaded it will be called: Firefox Setup Stub (version #).
If you have this version installed, you will be alerted to that.

What is your best course of action if this page comes up?
Close the browser, reopen it and delete all temporary internet files. This will prevent your downloading a virus.

With that,  we at Sandra Network hope everyone finds a healthy and successful New Year in 2017!

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]

It’s A Trap, A Scam!

SandraNet on October 19, 2016

Recently, a great many people have asked what to do if they receive calls where someone asks to connect to their computer to resolve some issue. the quick answer is: It is a Scam!

  • Did you already sign a contract with this company?
  • How do they know you signed onto your computer?
  • Have you recently seen any suspicious activity on your computer?

If these questions create a long list of additional questions, please DO NOT allow them access to your computer, it is a scam. Please contact us first!

This is how it tends to happen:

You are sitting around, your computer is on, but not being used and the phone rings.

“Hello this is Peggy from Microsoft, I noticed that your computer has been sending error messages. There are problems with the internet connection or phone line and this has affected your computer’s recent performance. On top of that, the broadband connection has been hacked. May I have remote access to the computer to find out what the problem is?”

Your first thoughts should be… I don’t know anyone named Peggy. WHY are they monitoring my system, I didn’t hire them and if I didn’t, who did?

These are all valid and you are correct in being suspicious of this call. This is not a technical support service,  already hired (such as Sandra Network) then the scamming call should be ended immediately.

What is the best way to protect yourself?

  • Never give an unsolicited caller remote access to your computer. This is ALWAYS a scam!
  • Never give your personal, credit card or online account details over the phone unless you made the call and the phone number came from a trusted source; otherwise, this is a scam!
  • Receiving a phone call out of the blue about your computer and remote access is requested – hang up – even if they mention a well-known company such as Microsoft.

If you have questions or think you may have been hacked, or have given out pertinent and private information:

  • Please call your financial institutions and have your accounts monitored or closed.
  • Change your passwords for your email, login.
  • Call us at Sandra Network and with your permission, clean out the machine of any suspicious activity.

When is it a Scam?

SandraNet on April 11, 2016

[et_pb_section fb_built=”1″ admin_label=”section” _builder_version=”3.22″][et_pb_row admin_label=”row” _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text admin_label=”Text” _builder_version=”3.27.4″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” custom_padding=”0px|||||”]

There are all sorts of scams that come through email, but which ones are scams and which ones are legitimate? In most cases the first sign is its being from an anonymous sender, it is unsolicited and it is generally a mass mailing. All of those signals aside, the subject line tends to give away the suspicious email.

Mark Zuckerberg Is Giving Away Money!

Mark Zuckerberg Is Giving Away Money!

YOU are the Lucky Winner! Free iPads from Mark Zuckerberg, Miraculous drug for weight loss or male enhancement, or sometimes both. The Nigerian prince that is a long lost relative has died and you are the last known family member and will be receiving his millions stored in an off shore account.

As much as we would like to believe these stories are truly meant for us and there is a shred of validity to the email, chances are it is a phishing scam, or it is laced with a virus that is just awaiting your double clicking the attachment describing these awaiting riches or physical enhancements.

In some cases, the emails are far more malicious than promising wealth and other unrealistic notions. Imagine being a company working on a project, in the finance department and trying to get the month closed out. You receive an email from the supposed client letting them know the bank account and routing numbers for transfers had changed, and could $30,000 be transferred for payment as soon as possible. The email has the “correct” logo, mailing address and other pertinent information, yet… it was not. Upon further research, after the $30,000 had already been wired, the domain name was spelled incorrectly and originated in Russia, other than that, it seemed credible. The money is lost and a hard lesson is learned. This is an extreme and a very frustrating and hard lesson to learn, yet there are ways to prevent this. Always check with the sender, even if it means picking up the phone and speaking to someone in their accounting department.

Some things to watch out for

  • If it is a bank or credit card company, they will NEVER ask you to email your credentials.
  • If you are asked to logon to a site and verify your information, do NOT follow the link. Open a new browser window in a different browser and loon to the company site to verify. Be SURE you actually have an account in said business.
  • If you do not know the sender, do not open the attachments or send any personal information.
  • If there is a phone number to confirm, call it and verify the urgency. Also, find the phone number on another source and verify it.
  • If the email is garble, delete it.

    Garbled phishing email.

    Garbled phishing email. Click to view example larger

  • If it is a friend who seems to have lost their wallet in another country and are stuck there without a Visa. Advise them to go to the American Embassy, OR call their cell.
  • If a window pops up stating what type of damage it will do (steal credit card information, personal information, delete data etc.), it is a scam. Legitimate antivirus programs do not list the destruction they will cause. If that information comes up suggesting you have a virus, then the popup IS a virus.

detectedActivity

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]

4 Critical Security Mistakes That Put Your Organization At Risk

Protecting your company doesn’t have to be difficult. Get our insider tips to avoid these four common ( and costly) mistakes.

Download your 7-page guide identifying 4 major security mistakes so you can help your organization and employees protect your most valuable assets.

Feel confident knowing your network and business are fully protected. We take a white glove approach to IT structure, security and ongoing protection.

Address:
8 Essex Center Dr Suite 330,
Peabody, MA 01960, United States
Local Phone:
978-535-0202

Phone: 1-866-SN4-GEEK

Facebook-f Linkedin-in Twitter
Contact Us
Client Area

Copyright 2023 Sandra Network © All Rights Reserved.