For at least one large segment of malware attack, it’s our propensity to download and open email attachments that gets us into trouble.
A couple of scary numbers from that report: 1 in 10 people will download and open an attachment attached to phishing email or spam. The average time between a phishing email being sent and the first victim taking the bait is 22 seconds.
What the heck is it about email attachments that makes them so darned irresistible?
I am very nervous about the security of an email attachment that I sent not long ago. I was in the process of obtaining a new job which I didn’t end up taking and I had to fill out a form that included information like my Social Security Number, date of birth and so on. I didn’t think about it at the time, but it was for legitimate reasons so I went ahead and scanned it and attached it to a Yahoo email. I sent the email to a trusted person and went on with my life. However, what I didn’t think about was that the attachment in Yahoo was not encrypted as far as I know. I ended up not taking the job and deleting the email from my Sent folder. Now, for all I know, it’s still sitting in the inbox of the other person and could do so until eternity. Where would this attachment be stored? On their severs or Yahoo’s? If I were to simply delete my Yahoo email account, would that render the attachment gone on their end? I’m being a little paranoid, I know, I’ll admit it. I just want to know if there’s anything else I can do other than to avoid sending attachments like that again?
Attachments live “with” the email, and the short answer about email is what’s been sent cannot be unsent. Once you send a piece of email, you lose all control over it.
It’s kind of like the internet; once you’ve posted something, it’s almost impossible to remove all the copies.
Now, email is definitely not public, but I do want to emphasize the word “copies.”