Attachments and .Doc Files- Should I Open it?

You get an email from a company you don't recognize. Inside this email is an attachment in the form of a .doc file. Should you open it?

No. Stop that.

But what if it's important?

It's not.

But Reptiles-R-Us sent me an invoice. Why are they invoicing me? What if I bought a snake and I just forgot?

It's fake. If a company you don't know and have never bought anything from sends you an invoice, don't open it.

You could get an email from a company you do recognize. Maybe it's Dr. McTrusterson who has a practice right down the road. Inside this email is an attachment in the form of a .doc file. Should you open it?

Maybe.

Are you expecting a .doc file from this company? If so, feel free to open it. If not, call the company and ask if they have recently sent you a document. We've had many clients who have opened documents from people and practices they know and trust. And you know what's in that .doc file? A big ol' nasty virus, that's what.

But why is Dr. Trusty McTrusterson sending me a virus?

It's highly unlikely that Dr. McTrusterson is intentionally sending you a virus, but let me tell you a story:

Meet the 1999 Melissa Virus.

In 1999, the Melissa Virus was spectacular in its attack. Melissa spread in Microsoft Word documents sent via e-mail, and it worked like this:

Someone created the virus as a Word document and uploaded it to an Internet newsgroup. Anyone who downloaded the document and opened it would trigger the virus. The virus would then send the document (and therefore itself) in an e-mail message to the first 50 people in the person's address book. The e-mail message contained a friendly note that included the person's name, so the recipient would open the document, thinking it was harmless. The virus would then create 50 new messages from the recipient's machine. At that rate, the Melissa virus quickly became the fastest-spreading virus anyone had seen at the time. As mentioned earlier, it forced a number of large companies to shut down their e-mail systems to control the spread.

Unfortunately, Melissa was only the beginning. These days, it's unlikely you'll get hit with an actual computer virus. Malware is now all about making money, and there's no easy way to cash in on spreading a virus. Ransomware and data-stealing Trojans are much more common, as are bots that let the bot-herder rent out your computer for nefarious purposes. Modern antivirus utilities handle Trojans, rootkits, spyware, adware, ransomware, and more. As a covered entity, the words "data stealing Trojan" should send a shiver down your spine.

When you open a .doc file or attachment with something nasty in it, we are instantly alerted. Lights start flashing, the virus alarms start screaming. We have no oxygen.

Ok, not really. It looks like this:

I KNOW WHAT YOU DID LAST SUMMER. I mean...last Wednesday at 8:38 AM. You opened a .doc file with a virus in it. What usually happens is Charles will call your office and say "Becky, why did you open that attachment? Why Becky, WHY???" I'm kidding. It's never that dramatic.

But I have Symantec antivirus and I can do what want!

Even with anti-virus software installed, computers can still become victim to malware, like Trojan horses. Cyber-criminals continue to develop infections that skirt around the protections security software provide. The cyber-criminal designs infections specifically to get around your antivirus. So while Symantec is awesome, it's not foolproof. It's important that we (and all our staff) are vigilant with our email opening habits.