You know you shouldn’t open unsolicited file attachments. The rule holds true whether you get them in an email, as a link on a public social media message, or randomly sent your way in a chat app: Don’t open a file you weren’t expecting to receive, ever. And even if you were expecting it, you should also be cautious when opening files from someone you’ve never previously talked to.
(Of course, even when a familiar contact sends you a file that could be legitimate, but raises the hair on your neck ever-so-slightly due to its timing, the file name, the file size, or other general weirdness, you should maintain your skepticism and run a virus scan just in case.)
As far as computer security goes, this is one of the first and easiest rules to remember. However, I can see how the process might easily break down when you receive a file on LinkedIn. After all, it’s LinkedIn, right? The “professional” social network! And that recruiter hitting you up about that amazing (contract) job opportunity wouldn’t be scamming you. They want to employ you! Now, just click on this handy attachment to view the job description, and...
No. Do not do that. You should still be wary if you’re getting a .DOCX or a .PDF of a posting that could have otherwise been sent as a hyperlink to a website or simply copied and pasted into the message or a subsequent email. And, as eSentire notes, definitely do not open the attachment if it’s, say, a .ZIP file that you’re being sent out of the blue. A recent malware campaign is using that exact method to cause problems:
“eSentire’s research team, the Threat Response Unit (TRU), discovered that hackers are spearphishing victims with a malicious zip file using the job position listed on the target’s LinkedIn profile. For example, if the LinkedIn member’s job is listed as Senior Account Executive—International Freight the malicious zip file would be titled Senior Account Executive—International Freight position (note the “position” added to the end). Upon opening the fake job offer, the victim unwittingly initiates the stealthy installation of the fileless backdoor, more_eggs. Once loaded, the sophisticated backdoor can download additional malicious plugins and provide hands-on access to the victim’s computer. The threat group behind more_eggs, Golden Chickens, sell the backdoor under a malware- as- a- service(MaaS) arrangement to other cybercriminals. Once more_eggs is on the victim’s computer system, the Golden Eggs seedy customers can go in and infect the system with any type of malware: ransomware, credential stealers, banking malware, or simply use the backdoor as a foothold into the victim’s network so as to exfiltrate data.”
If you truly must open a file attachment you’ve received from someone you don’t know, or one you weren’t expecting, download it and give it a thorough virus scan and malware scan before opening it. There are ample free tools you can use to accomplish either. I’d even argue it’s worth being extra-paranoid and opening said file in a sandbox—a temporary virtual environment whose contents can’t cause calamity on your actual system. Typically when you close said sandbox, anything that happened within it disappears; start up another sandbox, and your virtual environment is fresh and new again.
If you’ve already opened a now-suspicious seeming attachment from LinkedIn—or anywhere—make sure that your antivirus and antimalware apps are as up-to-date as possible, run full scans of your system, and send the file you downloaded to a service like VirusTotal for a little extra help confirming whether you were hit. Be prepared to scrub and reinstall your PC if you discover you have indeed been infected
In these situations, using your common sense is your best bet. If someone refuses to simply copy and paste the contents of a document when asked, especially if they’re soliciting you out of the blue, ask yourself what reasons they have for being so reluctant. If you confront them about the necessity of a .ZIP file and they waffle, that’s a sign something is strange about the alleged “offer” they’re presenting.
HBO Max is still not available on Roku or Amazon Fire Stick. Just wanted to get that out of the way, because I know a lot of people are still mad abou
While there’s a lot of new technology coming with the iPhone 12, Apple is also making a move to reduce “e-waste” by giving you less stuff in your iPho
Next month, the classic mystery solving bunch The Hardy Boys is coming to Hulu. For you ‘80s and ‘90s babies, this is a TV adaptation of the longstand
Disney has struggled during quarantine, forced to forgo substantial theatrical returns for probable hits like Mulan and Soul in favor of streaming, de
When you can’t hear anything from your YouTube videos—either nothing at all, or that which was once loud is now way too soft—the last thing you should
I’m a bit of a gadget hoarder. I often tend to assume that I can repurpose some old thing—an ancient phone, tablet, or webcam—into something new, so I
Want to watch YouTube videos offline on your smartphone? There are plenty of ways to do so, but it can get a bit confusing to find the right one. Even
You need to borrow your partner’s car for a drive. Lucky for you, they have an AirTag on their car keys, so you don’t need to worry about losing them.
We are a comprehensive and trusted information platform dedicated to delivering high-quality content across a wide range of topics, including society, technology, business, health, culture, and entertainment.
From breaking news to in-depth reports, we adhere to the principles of accuracy and diverse perspectives, helping readers find clarity and reliability in today’s fast-paced information landscape.
Our goal is to be a dependable source of knowledge for every reader—making information not only accessible but truly trustworthy. Looking ahead, we will continue to enhance our content and services, connecting the world and delivering value.
