10 Tips On How To Identify A Malware Email


Even as digital security systems become more and more advanced, cybersecurity threats keep evolving.


You’ve undoubtedly heard about cybersecurity dangers and the risks of working with an insecure system. One place to stay especially vigilant is your inbox. According to Verizon’s 2018 Breach Investigations report, 92 percent of malware is delivered by email.


Phishing attacks, which are becoming increasingly targeted, are one of the most common methods of email malware infection. According to a survey, 56 percent of 1,300 IT security decision-makers said that targeted phishing attacks were the top security threat they faced.


Emails that contain malware vary in content and theme, but all have one thing in common – they’re opportunistic. Most contain threats that the sender will not follow through on, and it’s important to identify them as scams and not engage. If you receive a malicious email with any of the identifiers below, delete it immediately.


Tips for identifying a malware email


  1. Sender’s email address seems suspicious: If the sender’s address is unfamiliar or doesn’t match the domain name of a company, then you can assume it’s a malware email. Most malware emails disguise themselves as invoices, package delivery notices, fax/scans, court notices, and more. These emails rarely come from an expected address. For example, an email from FedEx will only come from fedex.com, not a variation of that.
  2. Verification of information: If an unfamiliar email asks you to check, confirm, review, or give information using an attachment, it’s likely a malware attachment. It may not be safe to open the attachment.
  3. Persuasion to open an attachment: Many emails that contain malware will entice you to open an attachment, which can be harmful when opened even if you are running antivirus software. For example, if you receive an email about a delayed delivery problem that asks you to open an attachment, do not open it. A reputable company would just inform you of such an occurrence in the body of an email.
  4. Email subject or attachment contains a username: A malware email may contain your email username in the subject line, or in the attachment filename with an empty subject line. Compare this to safe, normal emails, which almost always have the subject line filled in and rarely mention your username.
  5. Instruction to follow a link: Some malicious emails encourage you to follow a web link that could lead to malware. Consider this phishing-style method before opening any questionable link.
  6. Problem warning, threat, or urgency: As we stated earlier, malware emails tend to be very opportunistic in that they attempt to incite worry, fear, or a sense of urgency. If an email encourages you to solve a problem (e.g. a prince in Nigeria needs your help now!), avoid it at all costs. Some emails try to further confuse the recipient by appearing to be a second response asking you to follow up.
  7. Plain text/absence of logos: If an email is legitimate, it’s likely to be written in HTML and to have a mix of text, images, and an email signature. Malware emails tend to have plain formatting and rarely have images.
  8. Suspicious attachment: If the email includes a strange attachment such as a file with the extensions .doc, .zip, .xls, .js, .pdf, .ace, .arj, .wsh, .scr, .exe, .com, .bat, or other unexpected file types, then it could be malware. It’s also good to know that sometimes the file extension is hidden or the contents differ from what is indicated in the message.
  9. Undisclosed-recipients/unlisted-recipients: If the email recipient list shows undisclosed-recipients/unlisted-recipients or any addresses other than yours, then it might be malware.
  10. A generic greeting: If the email starts off with a generic greeting such as “Dear Customer” then it may be a malware attempt.
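
The tips that depend on headers and attachments (1, 4, 8, 9 and 10) can be checked mechanically as a first-pass triage step. The Python below is an added example, not part of the original article; the function name `indicators`, the sample message and the addresses in it are constructed assumptions.

```python
import os, re
from email import message_from_string, policy
from email.utils import getaddresses, parseaddr

RISKY_EXT = {".doc", ".zip", ".xls", ".js", ".pdf", ".ace", ".arj", ".wsh",
             ".scr", ".exe", ".com", ".bat"}  # the list from tip 8
GENERIC = re.compile(r"\s*dear\s+customer\b", re.I)  # tip 10's example greeting

def indicators(raw, expected, my_address):
    """Return the tip numbers (1, 4, 8, 9, 10) that a raw message trips."""
    msg = message_from_string(raw, policy=policy.default)
    me = my_address.lower()
    user = me.split("@")[0]
    domain = parseaddr(str(msg.get("From", "")))[1].lower().rpartition("@")[2]
    subject = str(msg.get("Subject", "")).strip().lower()
    names = [(p.get_filename() or "").lower() for p in msg.iter_attachments()]
    rcpts = {a.lower() for _, a in getaddresses([str(msg.get("To", ""))])}
    body = msg.get_body(preferencelist=("plain",))
    checks = {
        # 1: sender domain is neither the expected one nor a true subdomain
        1: domain != expected and not domain.endswith("." + expected),
        # 4: username in subject, or in an attachment name with empty subject
        4: user in subject or (not subject and any(user in n for n in names)),
        # 8: the final extension decides, so "x.pdf.exe" counts as .exe
        8: any(os.path.splitext(n)[1] in RISKY_EXT for n in names),
        9: rcpts != {me},  # To: is anything other than exactly your address
        10: body is not None and bool(GENERIC.match(body.get_content())),
    }
    return sorted(t for t, hit in checks.items() if hit)

# Constructed sample message (not a real email); .example is a reserved TLD.
SAMPLE = """\
From: FedEx <tracking@fedex-delivery.example>
To: undisclosed-recipients:;
Subject:
Content-Type: multipart/mixed; boundary="b"

--b
Content-Type: text/plain

Dear Customer, your parcel is delayed. Open the attachment for details.
--b
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="alice_invoice.pdf.exe"

constructed placeholder bytes
--b--
"""
print(indicators(SAMPLE, "fedex.com", "alice@example.com"))
```

Tips 2, 3, 5, 6 and 7 concern the wording and layout of the message and are left to the reader's judgement here.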


What can email malware do to your computer?


  • The attachment of a malware email usually includes code or exploits that cause your computer to continue downloading more malware from the internet. These attachments are often small, customized, and not generally spread, which makes them hard to detect by antivirus software.
  • Email malware is often ransomware. Ransomware has the capability of deleting or encrypting your files and backups, even if they are stored on a server or in the cloud.
  • Email malware also has the capability of stealing data, such as passwords, logins, bank information, and more. It can take over your computer remotely using a RAT (Remote Access Tool), so it can attack your computer and attack other computers through your own.


Test your phishing recognition


Several cyber technology companies have created quizzes to test your phishing knowledge. Try to recognize a phishing attempt email or website by taking these tests!