Malware and virus distribution over email is on the rise, with a major spike in malicious attachments claiming to be from Facebook or UPS, at one point accounting for nearly 30% of all email sent. The news comes by way of CommTouch, an Internet Security website, and is especially troubling when you consider the recent data breaches at Epsilon that has led to a leak of email addresses held by many Fortune 100 companies.
The increase in email attached malware often leads to an increased mount of spam and infected computers and degrades the computer experience for affected users.
The primary attacks last week consisted of fake UPS notifications and fake Facebook password reset notifications. An astonishing 85% of the infected emails claimed to be a notification from UPS with an attached .zip or .exe file that is made to look like a PDF of a UPS notification. If you click on the file, you will infect your computer. The Facebook variant uses similar methods to trick you into installing malicious software.
In order to stay safe, we recommend that you don’t open attachments from unknown sources, especially when you aren’t expecting a UPS package or haven’t asked for a Facebook password reset. Most of these attempts will try to trick you or scare you into following through, but if you are genuinely concerned, you should call UPS or login to Facebook and check your settings.
Given the leak of data from Epsilon, which sends over 40 billion emails a year, we expect to see an increase in spam and phishing attacks. Because the leak comes from a company that sends emails on behalf of more than 2,500 companies, expect to see more fraudulent emails coming from companies you do business with. This is a reminder to be extra vigilant.
You should also have an up to date antivirus program installed on your computer. If you don’t want to purchase one, you should check out the robust free options like Microsoft Security Essentials or Avast Free Antivirus. These free tools will provide the protection you need to surf the web and check emails without constantly wondering if a file or website is legit. Even with the protection, you should be sure to use common sense when opening attachments.