Every day, millions upon millions of scam emails are sent using 'botnets' of computers that have been taken over by criminals, thanks to their owners unwittingly installing viruses and other malware.
These scam emails come in many forms and have a number of purposes, but most of them aim to trick people into installing malware on to their computers, so that their computer in turn can be added to a botnet, or giving away their personal details so that scammers can steal their identity or their money. Typically, these emails attempt to trick people by looking as though they come from a legitimate source.
They range from the very crude (nothing more than "here's the file you requested" with an attached .zip file, from an email address you don't know - who opens these?) to the highly sophisticated (well designed, convincing emails that use the logos and designs of legitimate companies, like this recent phishing attack to trick customers of Just Eat).
Protecting your computer - and yourself - from these scam emails doesn't have to be too difficult, so read on and stay safe!
1. Use an email provider with built-in spam filters, or set up spam filters on your email account or client
Many email providers, such as Google's Gmail, have built-in spam protection that will filter-out suspicious emails and automatically place them in a spam folder. Even if your provider doesn't have this feature, you can set up spam filters yourself. How you do this will depend on the email client (Outlook Express, Thunderbird etc) you use to download and view your email, or (if you use a webmail service like Hotmail), which provider you use, but try searching for "how to set up a spam filter on [my client / webmail provider]" for details.
2. Don't assume an email is safe just because it isn't in Spam or Junk
Spam filters aren't perfect, and some scam emails will still get through. Don't assume that all emails that arrive in your inbox (rather than your spam or junk folders) are safe.
3. Be suspicious of any email inviting you to download an attachment or click a link
Always be on your guard. Even the most convincing-looking email could be a scam. Treat any email that asks you to click a link or download an attachment with suspicion.
4. Don't let curiosity get the better of you
It's amazing how many people are caught-out by curiosity! Many scam emails will try and pull you in with tempting teasers, such as "you've got to see this!" or "check this out, it's hilarious". As with point 3 above, always be on your guard.
5. Carefully check the destination of any link in an email before you click it
Hover your mouse over a link to see the URL (web address) of its destination (look in the bottom left corner of your internet browser). Phishing emails will contain links to a fake website belonging to fraudsters, but these links may appear to be genuine at first glance. For example, if you receive an email from your bank, check any links in it to make sure they are genuine; scammers will use web addresses that include hypens or underscores that look like they link to the real website. If your bank's web address is "anexamplebank.com", "m.anexamplebank.com", "login.anexamplebank.com" and "anexamplebank.com/a-page-on-this-site" are all examples of possibly genuine links, while "www.an_examplebank.com", "www.anexample-bank.com" and "login.an-example-bank.com" are all examples of fake links. If you are unsure, don't click the links, login online as you normally would or call them (don't call numbers in the email, search for the correct number online).
6. Do not download attachments you are not expecting
Got an unexpected email with a fax, voice message, invoice, delivery note etc in an attachment? It's almost certainly a scam, don't download or open the attachment.
7. Be careful of all attachments, even from people you know
Email accounts can be hacked or hijacked and you might receive an email from someone you know that contains an attachment. Don't assume it's safe unless you are specifically excpecting it.
8. Do not open attachments directly - save them to your computer first
Don't click open, save the file to your desktop or other folder first so you can scan it for viruses.
9. Scan attachments with your antivirus software before opening them
After downloading an attachment you think to be safe or are unsure of, locate the file, right click and select 'Scan with [my antivirus program]'. This isn't fail-safe, but should detect the most serious kinds of malware.
10. Make sure your antivirus software is up-to-date
Threats are continually evolving - make sure your antivirus software is up-to-date, with the latest virus definitions.
11. Make sure your PC's operating system is up-to-date
Don't ignore Windows Updates! This can't be stressed enough - updates aren't an uneccessary chore, they are vital to keep your computer safe. Malware writers are continually finding and exploiting new holes in the security of your operating system; updates patch these holes. Ignore them at your peril.
12. Backup your files regularly
Regularly backup your files to an external hard drive or online storage provider such as Google Drive, Microsoft OneDrive or MozyHome. If the worst happens and you do get hit by a virus, you won't lose your files.
13. Create a repair or recovery disc for your PC and know how to use Windows Restore
Make sure you have a repair or recovery disc for your version of Windows. Search online for "create repair disc for Windows X" (where X is your version of Windows) if you're not sure how to do this. If you do get caught out by a scam email and end up with a virus on your computer, you can use the disc to repair your machine.