Over the last few years I’ve lost count of the number of times I have emailed staff and customers to make them aware of opening attachments from an unknown source.
One customer even suffered at the hands of the CryptoLocker which started to encrypt a network share. Once I had recovered the data I locked down the TMP folders to ensure that ZIP files and EXE files could not run from these locations. This does have a knock on affect of stopping legitimate applications installing if the try to run from these locations, however that is easily overcome.
Last week I had a frantic call from a lady who had received an email purporting to contain an invoice, but the email was from an unknown source. So she proceeded to open the attachment which was in the form of a word document and then was prompted to enable macros’. Instead of contacting me first to find out if this was a safe thing to to, she continued, her PC started to behave erratically then blue screened on her. My advice was to turn off the computer and leave it until I could take a look.
I’m not sure if it is more to do with curiosity than anything else when it comes to attachments. There seems to be this external force telling you you must open this attachment whether you know it is legitimate or not. Still I suppose if IT was plain and simple and these problems did not exist then I might well be out of a job.
