Oh, how wonderful e-mails are. And chats. And the web. All this interconnectivity. Blue lines underneath keywords everywhere. Links. URLs. Redirections. All taking us to more information. More cat photos. More distractions. Awesome. Like Christmas, with presents and yet more presents to open. An infinity of presents. But some presents might result in a rude awakening…
The underlying assumption in the above is that you trust the originator of the e-mail, the chat or the webpage, the creator of the blue line, the links and the URLs … and Santa Claus for the presents. But what if you shouldn’t? Would you enter a shabby bar in a dark alley downtown (and risk getting beaten up)? Would you dare put your hand in a rabbit hole (and risk getting bitten by a fox hiding inside)? Would you accept a parcel from a stranger (and risk going to jail if it turns out to be a package of drugs)? Would you take the red balloon from Pennywise the clown and follow him around the corner?
Surely not! But why is it that many people still throw this “surely not” over board and click on random links in random e-mails from unknown senders, on random attachments from unknown authors, on random webpages of unknown origin? With one wrong click, your computer might get infected. With one single infection, your digital life gets exposed. For many of us, our computers, and even more so our laptops, smartphones or tablets, are the central digital focal points of our lives: we store our personal photos and videos on them, as well as lots of private documents, and we use them as a central hub to access our bank accounts, to communicate with our closest friends (on Facebook or Twitter, or via video or audio streams) or to consult our favourite health applications to check out our well-being. One single infection and all those photos, videos, documents, bank accounts and communication channels, as well as access to our webcams, microphones and medical information, are in the hands of people with malicious intent. Goodbye data, goodbye privacy, goodbye digital life (see our Bulletin article Enter the next level: Doxware).
So, be sensible! If you’ve just got divorced, a love letter from your ex-spouse doesn’t make sense. Neither does an attachment from Deutsche Telekom if you’ve never lived in Germany, or an e-mail in a language you’ve never spoken. Your favourite celebrity will never send you naked photos and your bank will never ask you to reset your password. And the advert promising you thousands of dollars for no work is a scam, like anything else offered to you “free” on the internet. Read more about identifying malicious e-mails here.
Hence, only the curious click the link – and put their digital assets at risk.
Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, visit our website or contact us at Computer.Security@cern.ch.