***Change of editorial department on 02.11.2021***
E-mails are often misused for phishing attempts and to spread malware. Especially emails with file attachments should be checked critically. In our first article on macros, we explained what macros are and why they can be dangerous. In today’s article, you will learn what precautions are now being taken, what alternative options are available for sending documents, and what precautions you can take to protect yourself from files with dangerous macros.
What measures are being implemented?
To create more awareness about how to deal with macros, the IT Center has launched a new measure. As of November 16, 2021 a new protection mechanism will be used that will help you minimize the outbound risk of macros.
Potentially dangerous emails, i.e. those that contain a document with macros, will only be sent with an appropriate warning from this point on. This means that the e-mail in question will no longer be sent directly to the recipient. It will then be attached to an information e-mail. The subject of the original e-mail is retained in this process. In the information mail, the recipient is informed about a potential threat from attached documents with active content, so-called macros.
What precautions can I take?
If you receive an e-mail with a suspicious file attachment, it will be forwarded to you via an information e-mail. This will draw your attention to the potentially dangerous attachments in the e-mail received and ask the recipient to carry out a thorough check. Please do not open the attachment until you are sure that it really comes from the sender.
As a first precaution, it is always a good idea to check whether the sender’s address seems plausible. If you still have doubts about the credibility of the message, you can also ask the sender personally if they have sent you an email with a file attached. This is especially useful if the message reaches you unexpectedly. You should be especially attentive when receiving e-mails from unknown persons from whom you did not expect to receive e-mails.
Am I 100% secure now?
This measure should be seen as an element in the overall “IT security” construct. It does not increase the security to 100%, but draws attention to certain critical features (here macros). Please note that not all potentially dangerous attachments are filtered and that there are other security risks when dealing with e-mails. Here is the appeal to you once again: Always remain vigilant.
You can also take advantage of the IT Center’s offerings, such as cyber security awareness training, to sharpen your senses for the risks involved in Internet use and e-mail traffic.
What alternative can I use to send my documents?
As an alternative to sending an email with a file attachment, which could be considered potentially dangerous, it is possible to use various collaboration tools such as GigaMove or Sciebo.
If your doubts are not clarified and you are unsure whether it is not an email with a potentially dangerous attachment, please contact our IT ServiceDesk.
Responsible for the content of this article is Morgane Overath.