Back to overview

Malspam wave: important information and tips

A wave of phishing is currently sweeping Germany and paralyzing numerous companies. It is foreseeable that such emails will also appear in Switzerland.

Meanwhile, the MELANI also warns of this danger: www.melani.admin.ch

It is primarily about invoices in emails, which appear to be from colleagues. The invoice asks to click on a link to view the online version. However, other variants (e.g., fake invitations) are also circulating. The emails are very well done, contain hardly any spelling mistakes, are personalized (personalized address), and appear to originate from colleagues.

Please do not open such invoices or documents, do not click on the link (activates the virus) and delete the email immediately!

Here are some tips in dealing with e-mails:

  • Be careful of emails with unknown sender
    Distrust emails whose sender address you do not know. In this case, do not open any attached documents or programs and do not select any links specified therein.
  • Attention to trustworthiness of sources
    Open only files or programs from trusted sources and only after prior testing with an up-to-date antivirus software.
  • Caution with file names with two extensions
    Do not open any email attachments that have two extensions (eg picture.bmp.vbs). Do not be fooled by the icon of such a file. In Windows Explorer, disable the option “Hide extensions for known file types”, respectively “hide file extensions for known file types”.
  • Email program software update
    Email programs can also have security vulnerabilities. Make sure regularly whether a software update of your e-mail program is available and play this.
  • Cautious use of e-mail address
    Give your e-mail address only to as few people as necessary and use it exclusively for important correspondence.
  • Second e-mail address
    For filling out web forms, subscribing to newsletters, entries in guest books, etc., it is recommended to use a second e-mail address. This can be requested free of charge from various providers. If this address is affected by spam, it can be deleted and replaced.
  • Do not answer spam
    If spam is answered, the sender knows that the e-mail address is valid and will continue to send spam. Caution is also advised with spam with an “unsubscribe option”. This promises that by sending an e-mail with certain content, you will be removed from the distribution list. In this context, automatic reply e-mails in the event of vacation absences should also be taken into account. They should only be activated for known addresses.
  • Be careful of certain e-mail attachments
    Dangerous e-mail attachments often use the following file extensions:
    .app (executable application), .bas (BASIC source code), .bat (batch processing), .cer (certificate file), .chm  (compiled HTML help), .class (JAVA byte code), .cmd (command file), . com (COM binary), .cpl (Windows control panel option, Microsoft), .crt (certificate file), .der (certificate file), .docm (macro-enabled Word document), .dotm (macro-enabled Word template), . exe (executable file), .iso (archive file), .jar (Java archive), .js (JavaScript), .jse(Encrypted JScript), .mam (MS Access Macro), .msc (control file for the Microsoft MMC snap-in), . msh (Microsoft Shell), .msh1 (Microsoft Shell), .msh2 (Microsoft Shell), .msi (Windows Install package), .pif (Program Information File), .potm (macro-enabled PowerPoint template), . ppsm (macro-enabled PowerPoint presentation), .pptm (macro-enabled PowerPoint presentation), .ps1 (Windows PowerShell), .ps1xml (Windows PowerShell), .ps2 (Windows PowerShell), .ps2xml (Windows PowerShell), . psc1 (Windows PowerShell), .psc2 (Windows PowerShell), .rar (archive file), .reg (registry key), .scr (screen saver), .vb (VBScript file), .vbe (VBScript file), .vbs (VBScript file), . ws (Windows Script), .wsc (Windows Script component), .wsf (Windows Script), .xlsm (macro-enabled Excel workbook), .xltm (macro-enabled Excel template), .zip (archive file)


Source:
 www.melani.admin.ch

As a strong IT partner, we are happy to provide support for all your questions on the subject of IT security.

Contact me for further infomation!

Patrick Hertig

Patrick Hertig, Chief Information Security Officer