Avoiding malware messages – Tip 3

During the press work, both male and female journalists need to communicate, send and receive information with people and destinations in a number of ways, most importantly e-mail, in addition to other communication applications (e.g. WhatsApp, Facebook, Messenger, Telegram, Skype, Signal … and other applications)

One of the most common dangers journalists are exposed to through communication is malware messages or emails.

They are emails that contain a link or file / files attached. These links or files contain malicious software through which the victim is targeted.

By simply clicking on the link or opening the attached file, a malicious file can be downloaded to the device.


What is the function / task of malicious files and what damage can it cause?

There is no specific task or target for malicious files or malicious software, it does several serious things, including:

  • Remote control

That is, the attacker can control the device remotely, where it can:

– Turn on the camera.

– Play the microphone

– Watch the device screen.

– The most dangerous is transferring files from the device! Creating files on the device as well and also transferring files from the attacker’s device to the victim’s device!

  • Damage to operating system files

When important files are destroyed in the operating system, the operating system is exposed to damage that may cause it to not work well or not work permanently.


  • Use your device to perform cyber-attacks.

Such as “Denial of Service DDOS” attacks, through which websites are disabled.


  • Encrypt files on the device

That is, the attacker encrypts all files on the device, and ask for ransom to open (decrypt) files.


The resulting damages of malicious files may not happen immediately after infection. The malicious file may remain in the device for days, weeks, months or even years before it is automatically activated or activated by the attacker.

Some malicious files are not only harmful to the infected device, but copies themselves and try to access the devices that are connected on the same network that the victim’s device is.


Malicious files or viruses are not limited to specific type of devices. When we spoke in the previous paragraph about “device”, it means – desktop computer – laptop – smart phone – tablet or any device connected to the Internet…


What do we do when we receive a message with a link or attachments? (Email, WhatsApp, Facebook, Messenger, Telegram, Signal or any other application …)

When you receive a message that contains attachments or a link, you must first make sure of several things, among them:

– The identity of the sender (do we know the sender and trust them?)

– Is the sender a known or a public entity?

– Is the sender anonymous and has not been contacted before?

– Is the title and content of the message realistic and linked to the work we do or in the content of our work?


Dealing with links in messages: If the link cannot be ignored (not to interact with it), the links can be examined through the VirusTotal platform, which examines the links and tries to make sure they are safe.

Links can be checked through the following link: https://www.virustotal.com

VirusTotal can also be used as an add-on to the Internet browser at https://support.virustotal.com/hc/en-us/articles/115002700745-Browser-Extensions

So that the links can be checked, by right-clicking on any link and then selecting the link check.


* Some people / entities use the Link Shortening Service \ Feature.

Therefore, the content of the link or the website which the link leads to cannot be identified, so shortcut links can be broken through: https://unfurlr.com


Dealing with Attachments in Messages:

At first, we recommend that Gmail be used because it initializes attachments and tries to prevent sending files that are thought to contain damaging / malicious software. Gmail can also browse some attachment types without having to load them into the device, thus avoiding damage, such as

– Images – Text files (such as Word) – Table files (such as Excel) – PDF files (PDF) – Some video files

Therefore, when you receive a compressed folder, it is recommended that the sender be asked to send the files as a text file, spreadsheet, PDF or image file, so as to avoid loading the compressed folder on the device. * Because compressed folders can contain malicious files which is activated as soon as you unpack the file.

* If there is a need to place files in a folder, you can create a folder via the Google Drive service that allows you to create folders and upload files within them * that scan files and try to make sure they do not contain malware / malicious software before they are uploaded to the folder.

* The files can be scanned through the site “VirusTotal”, by uploading them to the device and then examining on the site.



Wrong information…

There is a saying or information circulating that Mac computers or iPhone phones are cannot be hacked or get infected.

This information is completely incorrect.

Apple’s computers, phones, and tablets get infected with malware or viruses, but the virus designed for Android phones, does not affect IOS (iPhone) phones or vice versa.

General tips on receiving messages:

First Tip:

Because of repeated targeting or hacking attempts, any message containing links or attachments, including messages from people / entities we know should be questioned, because a large number of targeting operations are based on impersonation. In addition to text messages (SMS) that we receive from destinations we do not know (such as commercial offers, news, and news about the awards we won …)


Second advice:

You must install an anti-virus on your device (computer, Android phone and iPhone – tablet and iPad). A free version of Avira can be downloaded from the following website: