Small download from personal email can turn into a BIG problem

It is very important that employees do not download (or open) files from their personal email onto UNC Health Care computers.

In a previous article we noted

  • Email is one of the primary vectors that criminals use to fool us into assisting them in infecting our computers.
  • Malicious links and attachments in your personal email can cause an infection of the computer you use at work and that can lead to a compromise of sensitive information.

We wanted to revisit this topic because we continue to see UNC Health Care computers becoming infected as a result of employees downloading or opening attachments from their personal email accounts.

Criminals use many techniques to fool us into opening an attachment or clicking on a link in an email (see this article for details).  The list of file types that can be malicious is too long to list here, but of particular interest is what we see most commonly: .zip (compressed) and .doc (Word).  It is a surprise to many that Word, Excel, and other MS Office files can be malicious, but .doc files containing macros are the most common way ransomware is distributed via email (more information about that in this article).

Personal email is any email that is not your UNC Health Care email Isuch as Hotmail, Yahoo, AOL, Juno, NetZero, MyWay, Gmail, Time Warner Cable, AT&T, etc.). Many of these email providers do not have sophisticated anti-spam and anti-malware detection and therefore have a higher likelihood of delivering malicious mail to your inbox. 

Keep in mind that clicking on an attachment and opening it causes it to be downloaded to the computer that you are using. If it is malicious it can cause an infection just by viewing it.

We have several technological defenses in place to protect our computers from infection, but malware is constantly evolving and these defenses have weaknesses. If just one of our computers becomes infected with ransomware or another type of malware, it can have a cascading effect ranging from you being without a computer for several hours, your coworkers being unable to work because critical files are now unavailable, other departments and systems being impacted, and ultimately can affect our organization's ability to provide care for our patients. All of this can happen as a result of clicking on a file in an email.

If you suspect that your computer might be infected, contact the ISD Service Desk at 984-974-4357.

Filed under: ,