Basic guidelines for avoiding email viruses and phishing

Email scams come in various forms, most notable of which are:

• Trojan downloaders in attachments
• Diversion to a scam, or virus laden website
• Phishing (diversion to a fake website set up to steal your login)
• The Nigerian Letter, Inheritance or UK Lottery

Don't be tricked into opening or clicking on something by fear, greed or lust. Your account is not about to be suspended, you have not won millions of pounds on the UK lottery, and there are no nice Russian brides waiting to give you a nice time.

Politely inform anyone who sends you an email greetings card which requires following a link, that you have been told this is not safe.

If you weren't expecting it, then it's probably bad. The only time that you would want to click on a link in an email is if it's something you requested. Perhaps Uncle Fred wants you to join his photo sharing site, or you've signed up for a forum and they need to verify your email address; in these cases, you can be fairly sure that the link is genuine. If a stranger tells you to watch this video because you look really stupid in it, then it's a fear-based trick. If you are able, look at the link to see what overall site it's located at. You need the last two elements before the first forward slash. For example:
www.paypal.com.securelogin.scamsite.info/login?auth=2348273462
in this case it has been made to look like a paypal site, but it's actually scamsite.info.

If you get an attachment, don't open it as such, or run it. Save it to your desktop, and then open the program you want to use, and then open the document with it. This way, you get control over what program reads the file, not the alleged virus. Seriously, if you get a PDF as an attachment, don't be tempted to just double-click it; find your acrobat reader and open that first, even if it takes a little effort.

If you get an attachment which is a zip file, then it's statistically more likely to be a virus. Photos and video clips don't benefit from being zipped, so people don't do it. If the zip file has been encrypted and needs a password that is quoted in the email, it's virtually guaranteed that it's a virus - they do that to stop virus scanners doing their job. To be sure, upload the file to a virus scanning site such as http://virusscan.jotti.org/en-gb because they will run multiple scanners on it.

If your bank, paypal, ebay, facebook, or indeed any site asks you to login via an email link: don't. Go to the regular site, and search for what you need.

Finally, don't think that you've suddenly become rich, or that an international company needs you to accept payments on their behalf. Beware, they've become rather skilled at making you think that just this once, it's for real.