Hello! When I read emails I always pay a lot of attention to suspect messages and so on, but I’m always a bit scared of clicking the wrong link and getting infected by malwares.
What can be some preventive measures I can take to avoid these risks? Perhaps opening links from emails in a different browsers with JavaScript disabled? Soke kind of sandboxing?
I use Thunderbird as mail client
I’m not saying that these will make you 100% secure but that’s what makes me feel safe
- configure Thunderbird to not display images by default. You can whitelist addresses afterwards or tell Thunderbird to show images for this particular message
- configure Thunderbird to always display mails in plain text. You can switch it for the opened mail when it looks ok
- if viewing plaintext is too much, configure Thunderbird to show you the real address somewhere on the bottom when you hover over a link (if it doesn’t do this by default). If it looks weird, don’t click it. Usually if the info in the mail is real, you can get to it via browser, you shouldn’t have to click the link
- set Thunderbird to always show the real sender e-mail address next to the name set by sender. Get a habit of looking at it when opening mails
- while reading smtp headers (there is some button for that when you have an email opened) can be daunting at first, it’s not that hard to understand from it the path the mail took. If none of the addresses on the list seem fine, be cautious
What can be some preventive measures I can take to avoid these risks?
Avoiding the risk isn’t the only thing you should prepare for in that case, although I think that using common sense should be good enough for most. It’s a case of diminshing returns, and at some point, you’re making things harder for yourself for little actual benefit.
You also want to take steps to make sure that, in the eventuality of getting infected by malware, you have a way to deal with it. Such as keeping separate, disconnected backups that you can replace your machine with, wiping out the infection, or at worst, restore to a new machine if the malware renders it entirely unusable.
Unless you’re expecting a mail you should never open any links. Just go to the originating page manually.
You can also hover over the links to see the URL they’re pointing to. If it goes to
y0urbamk.com
oryourbank.to
instead ofyourbank.com
you know that something is up. But that can be hard to see with strange Cyrillic letters or so. So manually typing inyourbank.com
helps.My email is mostly used to receive confirmation messages when creating online accounts, recovery links to forgotten passwords, confirmation of purchases, confirmation of banking transactions, etc. These are all cases of mails that arrive as an immediate response to some action I took, so I know they’re legit and don’t fear clicking on their links if necessary to complete my task.
However, I’m more suspecious of mails that I receive unprompted. In these cases I see no reason to go clicking anything, especially if it’s from a company that I have no previous relationship.
These are all cases of mails that arrive as an immediate response to some action I took, so I know they’re legit and don’t fear clicking on their links if necessary to complete my task.
Just be wary of emails that masquerade as something that came from an action you took, but are just phishing, or come attached with malware.
The point is the “timing” of the received mail. If you receive a password reset immediately after requesting one, that’s strong evidence the mail is legit.