The main risks of email can be broken down into three categories, Spam, Malware and Phishing.
What is spam?
- Unsolicited email from senders that you do not know
- Automatically sent in bulk to millions of users at a time
- Usually advertising commercial products or websites
- Often poorly written, with bad grammar and inappropriate content or language
- Contain eye-catching subject lines to entice users to open the message or attachment
Apart from being annoying, spam can be potentially dangerous because the message or its attachments may contain malicious software, known as malware.
What is malware?
These refer to viruses, spyware or e-mail worms designed to cause harm to computers and networks. Tens of thousands of viruses exist to date and hundreds of new ones are created every month.
Email is a primary method by which malware is transmitted.
When an email or attachment containing malware is opened, the virus, worm or spyware will attach itself to the user's computer and attack its functionality.
It can also replicate itself and infect other computers linked within the network.
The damage caused by malware includes:
- slowing down the computer's performance
- strange behavior like frequent hanging or rebooting
- consuming Internet bandwidth
- silently gathering personal information and transmitting it to hackers
- corrupting files on the computer's disk drives
- causing the entire computer system or network to crash
What is phishing?
The term phishing refers to the deceptive method of "fishing" for sensitive information by using emails and fake websites to bait unsuspecting users into disclosing private details, such as usernames, passwords and account numbers.
- Fraudulent websites and emails that seem to be legitimate
- Unlike spam, these usually appear as official-looking emails from reputable organizations such as banks or well-known companies like Microsoft or Ebay
- The email will often contain a link to a fake website, where users will be asked to provide private information such as credit card or bank account numbers, usernames and passwords
- The website address and appearance of these fake websites are very similar to the legitimate organization they are mimicking