This article covers tips on password creation and how to identify phishing or hoax emails in your inbox, how to stay safe online at work, and what signs to look for when receiving suspicious emails. It serves as an overall guide for minimizing security incidents in the workplace or at home.
This article will showcase a few of the key precautions to take with your accounts and when browsing the web. Additionally, it provides a few tips to avoid hoaxes, scams, or phishing emails. It serves as a guide to protecting your personal and work-related accounts that could save you from ransomware attacks and malware, or minimize the number of computer virus reports in your environment.
To stay safe online, the first area to examine is the passwords for your accounts. A more complex password makes it harder for cybercriminals to infiltrate your accounts. Often they can fire off a series of automated guesses or may leverage online research about your life, on social media, or in the workplace.
Note that cybercriminals have an abundance of methods and approaches that can trigger a massive security incident, or rather a domino effect, within your organization, where your fellow co-workers are compromised due to data breaches. It may ultimately ruin an organization's reputation or raise eyebrows to the point where, e.g., customers decide to choose a competitor that has not been hacked yet.
A strong password should typically follow the guidelines below; however, your workplace security requirements may vary, and each account has slightly different requirements as well. If an account's policies are limited or do not include extensive complexity requirements, you should STILL ensure that you create a tough password that can withstand the wide array of attacks and advancing methods cybercriminals use to hack into your account.
The password should NOT be less than 8 or 9 characters long overall, and ideally 10+. The longer and more complex a password you create, the less likely it is to be guessed or hacked, especially if you do not have additional layers of security over the account to confirm your identity.
If you're curious about approximately how long it would take for an individual to hack a password, then check here. Although Security.org states that "your password will not be stored," I would recommend NOT entering your actual or existing work or personal passwords into the search engine, but use it just to get an idea of whether or not what you're considering is a VERY strong password.
The site is not 100% accurate, so please follow the construction tips within this article no matter what the Security.org site says. Once again, some sites and apps have different security requirements for what they consider STRONG or WEAK, but for the most part sites nowadays stress the importance of following password creation guidelines or the strength indicator bars (e.g. GREEN = STRONG, YELLOW = POOR, RED = WEAK) often seen on sites where you're creating or resetting a password.
The password should NOT contain personal information or easily guessable info others in your network would be aware of such as pet names, sports teams, favorite TV characters, favorite travel locations, seasons, phone numbers, birthdays, movies, foods, etc.
The password should NOT be variations of existing passwords or mirror other passwords you have already created in the past for either work or personal accounts. The password should NOT have patterns or sequencing within it such as: "12345," "abcd," or "eeee."
The password should NEVER consist of the name or abbreviated portions of the application or site in use, such as "Expert12345!," "EE0007!," "@EE5431!," or "Hell0Experts123!," as these can be easily thought of or guessed. The password should NOT be in common formats that have back-to-back numbers or lack obvious complexity in general: "MyC0mputer123!" and "MyEELogin456!"
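The guidelines above can be checked mechanically before a password is ever used. The following is an added example, not part of the original article: a local checker for length, sequences, repeated characters, site or personal terms, and variations of old passwords. The thresholds (three ascending digits, four ascending letters, four repeated characters, 0.8 similarity) and the term lists passed in are assumptions chosen for illustration.

```python
import re
from difflib import SequenceMatcher

# Common look-alike substitutions, undone before term matching so that
# "Hell0Experts" is still recognised as containing "experts".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})

MIN_LENGTH = 8      # article: never shorter than 8 or 9 characters
IDEAL_LENGTH = 10   # article: ideally 10+
SIMILARITY = 0.8    # assumed threshold for "variation of an old password"


def _runs(text, step):
    """Yield maximal runs where each character is the previous one plus `step`."""
    start = 0
    for i in range(1, len(text) + 1):
        if i == len(text) or ord(text[i]) - ord(text[i - 1]) != step:
            yield text[start:i]
            start = i


def find_patterns(password):
    """Find repeats such as "eeee" and ascending runs such as "12345" or "abcd"."""
    low = password.lower()
    found = ["repeat:" + run for run in _runs(low, 0) if len(run) >= 4]
    # Look for ascending runs inside each all-digit or all-letter chunk.
    for chunk in re.findall(r"\d+|[a-z]+", low):
        need = 3 if chunk.isdigit() else 4   # assumed minimum run lengths
        found += ["sequence:" + run for run in _runs(chunk, 1) if len(run) >= need]
    return found


def check_password(password, site_terms=(), personal_terms=(), old_passwords=()):
    """Return a list of findings; an empty list means no guideline was broken."""
    findings = []
    if len(password) < MIN_LENGTH:
        findings.append("too_short")
    elif len(password) < IDEAL_LENGTH:
        findings.append("below_ideal_length")
    findings.extend(find_patterns(password))

    low = password.lower()
    plain = low.translate(LEET)   # same text with substitutions reversed
    for label, terms in (("site_term", site_terms), ("personal_term", personal_terms)):
        for term in terms:
            t = term.lower()
            if t and (t in low or t in plain):
                findings.append(f"{label}:{t}")

    # Old passwords are supplied by the user and compared locally only.
    for old in old_passwords:
        if SequenceMatcher(None, low, old.lower()).ratio() >= SIMILARITY:
            findings.append("similar_to_previous")
            break
    return findings


if __name__ == "__main__":
    # Candidates taken from the article's "do not use" examples.
    for candidate in ("Expert12345!", "MyC0mputer123!", "Hell0Experts123!"):
        print(candidate, check_password(candidate, site_terms=("expert", "ee")))
```

The script runs entirely offline, so nothing typed into it leaves the machine.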
Some web browsers, such as Microsoft's Chromium-based Edge, now have built-in password health monitoring features that show a leaked or weak password or flag ones you've reused. It is typically best to consider a password management system, as cybercriminals can hijack a browser through a phishing email, which is discussed further below. However, being able to scan for leaked passwords or see whether your password may have been used before is extremely useful.
Note that you should not rely on one tool or method alone to tell you if your password has been compromised or leaked as breaches can happen in other ways. Work with your IT Department or IT professionals in the EE community to gather second opinions on emails received.
Sometimes fake emails from cybercriminals want to make you think your account has been leaked or breached or other times you may receive legit emails from organizations discussing a recent attack or breach in the news that requires action.
Of course, if you see unusual activity on an account, that signals a breach happened. Cybercriminals usually want to get your heart racing and drive absolute panic into your mind so that you click on a link or attachment.
Once again, you must be cautious when trying to identify true leaked account information or hoax email messages. Sometimes emails may be vague or discuss purchases, fees, etc., so never assume it's a true customer-facing email automatically and scan it thoroughly using the tips discussed later on.
While a strong password is key, going several years without changing it, rather than changing it regularly (e.g. every 90 days, or at least once or twice a year), is a massive security risk as well. Master system accounts and work or personal computer passwords in particular should be changed frequently.
Your IT team or organization should have security policies in place for passwords to expire every, e.g., 90 days or so. The interval may vary depending upon the guidelines the organization has decided to follow or must comply with under its industry-specific or security compliance plan.
You should also be aware of the following items or take into consideration the below whether you're an IT Professional or working from home on a personal or work computer:
Since most individuals have several different accounts at work and home, it can be easy to lose track of them or forget to change them, and tricky to manage or memorize them all. Password managers such as RoboForm, LastPass, Dashlane, NordPass, 1Password, Bitwarden, etc. may be used in your organization today. Outside of work, you may want to invest in one, or use one of the free ones that exist, such as KeePass.
Please REMEMBER password management systems such as LastPass are not 100% invincible to attacks either, as some have been compromised in the past, but they are still more secure than writing a password down, having a sticky note under a keyboard in the office, keeping an unencrypted document file on your desktop, etc. Be sure to enable 2FA over your chosen password manager as another layer of security.
Tip: If you ever notice odd behavior with your password management extensions in terms of logging in, then a good way to test and compare is to try adding it to another web browser: Edge, Chrome, or Firefox.
Also, ensure that your web browser is fully updated. I have often seen odd browser errors resolved by simply clearing out the cache and history a bit, then trying again.
Please be aware you may lose some saved entries when clearing out your cache and history, especially when you choose "Since the Beginning of Time" or "Everything." Pay close attention to the time span over which you're clearing the cache and history. Check the status pages of password managers as well, for there could be service or systematic product outage events.
Aside from password managers, you should ensure that your accounts have an additional layer of security over them such as two-factor authentication (2FA) or multi-factor authentication (MFA), simply meaning there are 3 or more total ways to verify you are indeed the person who should be accessing the internal data, account or network. Your organization may require authentication over certain accounts or make it mandatory.
You'll often have to install Google Authenticator or Microsoft Authenticator, or have a code delivered via text or call to your work or mobile phone number, but once again what you'll install or set up for an account depends upon what security systems your organization has implemented. Some organizations utilize Single Sign-On (SSO) with 2FA and, on top of that, YubiKeys.
When working remotely, your organization may typically require a VPN to be used to access all of your accounts, add one more extra layer, or restrict file sharing outside of SharePoint, OneDrive, etc. Always make sure you're connected to a VPN successfully when working remotely.
You may also need to leverage a mobile device management profile in your workplace for Bring Your Own Device (BYOD) policies before installing your email and other work-related mobile apps on accounts.
If you're not sure which security services or products would be best to implement over accounts etc., take some time to reach out to the EE Community, examine reviews, product video demos, or trials, and ask their customer support to clarify any lingering questions if you're in an IT Department implementing a security plan for the first time, 2FA, or have other concerns about how it would impact the environment you support.
Cybercriminals are still successfully completing "hacking" methods on user credentials because to this day some of the most commonly hacked and easily guessable passwords are used (see List of Most Common Passwords Used In Society for more examples). More recent reports and studies by cybersecurity researchers are often conducted each year and can be found online or may be seen on the news at the time.
Tip: Take some time to read about past security breaches and new cyberattacks or methods impacting companies, services you may use, or individuals working at home or even family and friends.
You can easily type a keyword, e.g. "security," "data breaches," or "passwords," in a Google search > Click the News tab and that will populate some trending current topics.
"I like eating cheddar cheese popcorn 24/7 at home!" equates to: iL3CCP247@h!
"I enjoy playing chess 24/7 at the park!" equates to: iePC247@tp!
"I love being part of the Experts Exchange Community!!!" equates to: iLBP0tEEc!!!
Tip: In place of letters, try to use numbers or characters instead. For example, the letter "O" could be 0 (zero), "E" could be a backward 3, and "at," as shown above, can be the @ symbol to increase overall complexity.
Note: Do not use these exact passwords above of course, as these are just examples. :) Password manager and antivirus companies nowadays often offer a randomized password generator to help with ideas for making a highly complex password, which, for instance, LastPass is capable of via the Chrome extension. I would advise NOT using the exact password generated by an online or randomizer tool, but modifying it so that it is complex but not 100% identical.
Below is an example from RoboForm Security's Password Generator, where you can modify the number of characters you need your login to be, and it helps provide insight into the structure of super-strong or unique passwords.
Tip: Do NOT leave or post passwords and security codes in messaging channels, documentation spaces, or chats (e.g. Slack, Teams, and HipChat), even if an account has 2FA enabled. Remember to delete accidentally shared info, one-time password reset messages, and change instructions meant to help you log back into your accounts, as someone else could later gain access to your account or system if there was ever a breach. If you're an IT Professional or part of another department, have your work documentation refer to retrieving the login from a specific team member or manager, or to navigating to the password management system to see the login credentials instead.
A phishing or essentially fake email often tells you directly with urgency to CLICK HERE NOW in the email via a link or wants you to enter or change your login credentials ASAP on a page it directs you to, share some form of extremely personal or valuable data tied to your account, or really emphasizes to just click on a button or even call in to prevent something bad from happening to you or your account.
These emails ultimately try to strike fear into your heart or cause panic and often are successful if you react immediately via a mere click, so REMEMBER to READ and take a moment to PAUSE to examine the email carefully. Whenever you're not 100% certain about an email, you should always ask your IT Support Department or consult other team members to discuss reporting it if it is a work-related account.
These are emails where cybercriminals will sneakily create look-alike and copycat emails to try to deceive you, as if they came straight from the source, or attempt to match emails from actual companies or platforms you engage with, e.g. Zoom meetings, Microsoft, or even perhaps Experts Exchange, using their exact logos, branding, colors, etc. and attempting to completely mirror the formatting of past emails received.
It is often very hard to spot a hoax email, as some are designed very well and sent off in batches or even in a colossal number of variations, but there are tips further below in this article that should help you avoid interacting with them.
Below is an example I made of what one could look like. Your IT Department should NEVER ask you to change your password through a "link" or state that access will be revoked or data will be deleted if you do not change it now. Also see https://www.phishing.org/ for more examples.
Had Barnaby clicked on the link and entered his credentials to a site fabricated by a cybercriminal, he would have been in big trouble as his credentials would have been stolen.
Here is a list of common keywords I often see within a message's content, subject lines, or RED flags making them usually phishing emails. You should NEVER respond to nor interact with the links, buttons, or attachments until you've verified it's not an attack or trick:
"Expiration Notice - Urgent - Please Respond Now"
"You will be banned today!"
"You have a virus, click here to fix it now!"
"Open Your New ID Attached"
"Join Now to Enter"
"Open the File Requested"
"Pay The Missed Bill Here"
"Required Installation (Click Here)"
"Change Your Password (Click Here)"
"Warning Your Outlook Storage Has Exceeded & Your Account Will Close Soon"
"Review the Invitation Link Here"
"View the New ID"
"Change Your Password Now or Be Blocked Forever!"
"Your Account & Webcam Was Compromised Stop It Here"
"View the New Zoom Meeting ID to Join" or "View Meeting ID"
"Required response, please update your login now!"
"Click here to fix or you'll lose access"
Often, if you do fall for it or accidentally click the link or an attachment file, it begins to execute the malicious activity. Of course, if you did NOT request the change (e.g. to your bank account, Experts Exchange, Zoom, password, etc.), then the email is most likely a phishing email trying to harness your data to either hold it for ransom or to obtain additional financial account info.
You should typically do the following when you see a suspicious email:
Report it IMMEDIATELY to your IT Security Department or IT Service Desk by forwarding it, then deleting the email, or taking a screenshot of the email.
Report it to the company or contact their support to verify, but DO NOT respond to the fake email you received, and NEVER call any numbers listed in the suspicious email.
HOVER with your mouse cursor over links or hyperlinked button(s) to reveal where they may actually be taking you, but DO NOT click on the links. You can lay, hover, or rest your mouse cursor over a link you find suspicious and compare for instance against the one you have bookmarked for signing in regularly.
Additionally, on your mobile device, depending upon your settings and model, holding down on the link or button may provide a miniature preview window of the page instead, which can be helpful as well.
Try to compare past emails you've received from the sender against the suspicious ones for small differences in grammar, logos, and placement, and for, e.g., missing or inaccurate signatures.
Read it carefully and scan for grammatical errors, typos, etc., which are a RED flag in an email telling you to sign a document, update account information, or click on a link or button urgently in order to avoid losing access or data.
Even if there are NO grammatical errors and the email is flawless, the email could have been very carefully crafted to look identical to one from a company or service you use, e.g. SurveyMonkey or antivirus software such as Norton.
Use your familiar contact sources for account support, e.g. your IT Support Desk email if it's a work account, and existing bookmarked links you regularly use, instead of the links located in the suspicious email.
Navigate to a new tab and manually pull up the address or perform a search that way for their contact information. Once again, the best course of action is to not engage with links, attachments, numbers, or any items in the email you suspect to be a malicious attempt to harvest valuable personal or work data.
Cybercriminals can target companies by obtaining names and making it look like your own manager, HR, Finance Dept., or fellow co-workers and members of IT sent an email to you, so be VERY careful of spoofed addresses.
Look at the email address appearing, plus hover over any links that exist, and report the unusual message to your organization immediately. Forward it to the Security or IT team for examination of the IP address and delivery log. You may also verify with the co-worker if they are nearby, and if they know they didn't send anything that's a giant RED flag.
Often storage-exceeded emails can be quickly verified as fake, as you can manually look at how much storage you have in Outlook, OWA, or your preferred email client. If you're not sure how to do so, first reference Microsoft's KB article (Microsoft KB | Mailbox storage limits in Outlook on the web).
If by chance you are quite low on or out of storage at the time of checking and received a suspicious email concerning this, do not interact with the suspicious email. Address it outside of the email by contacting, e.g., Microsoft support or working with your IT Department on how to tackle the situation if you're unsure, as they can help perform a more advanced examination of the suspicious email for you.
Depending upon your workplace's setup or environment, an awesome feature that Microsoft offers is encrypting your emails that may contain sensitive data or information you're worried about getting in the wrong hands. Email encryption serves as an additional layer of security as well, but on top of that, you can also encrypt document files or password-protect them. For instance in Word under File > Info > the Protect Document Settings section you'll be able to encrypt the document you've just drafted and saved. Aside from password-protecting PDF files, there are platforms such as DocuSign that help secure document completion and safeguard data.
On the other hand, these platforms may often be targeted by cybercriminals too sadly where they will design hoax emails asking you to click or complete the form immediately, but you should always verify with your HR or IT Department contacts directly when unsure if they sent it to you and HOVER over links. No matter what role you are in, one compromised account can unleash absolute chaos upon an organization or compromise the data of customers or even fellow co-workers' accounts.
Once an encrypted file or email has been sent, you may need to communicate the code or password through a text message or direct call. Managerial roles, CEOs, Billing or HR Departments that interact with sensitive data on a regular basis can heavily benefit from leveraging encryption features.
There is also an abundance of third-party secure external file sharing solutions outside of what Microsoft offers that often compete against SharePoint, OneDrive for Business, etc., but are not 100% free of course. IT Support Professionals nowadays have a wide variety of tools at their disposal to help prevent cyberattacks, but when you're working with your personal accounts it's extremely important to take some time to research or stay informed about the latest types of successful cyberattacks and recent incidents.
Your organization may have invested in or implemented an internal phishing training and testing tool to gauge how well employees can identify a phishing or hoax email in their inbox. There are several great Learning Management Systems and training platforms available today that help with keeping your team members on their toes or staying in the loop on what to look for, how to react, and report the phishing attempt.
Proofpoint (formerly Wombat Security) and KnowBe4 are two awesome platforms to leverage. Something as small as a link click or entering your credentials on a fake website once can trigger a data breach, which may disrupt an organization financially or obliterate the reputation of the company overall depending upon how widescale or severe the cyberattack was.
IT Departments must often implement or develop comprehensive disaster recovery and security plans, but must also make sure they are followed through mandatory training. While it takes some time to train others, encrypt or password-protect an email, file, etc., it is often worth it in the long run to take additional safety measures.
Example: In a past workplace, I hosted a series of 3-4 training "IT QuickTips" sessions a month covering different topics, such as cybersecurity. I also introduced free food and snacks to help bolster attendance. I always ensured that multiple times were available for employees to join and that a copy of the presentation was available for others to reference. Our IT team also came up with some fun security tips displayed across the company monitors in each building for reference.
When we implemented an internal phishing test system and increased mandatory Security Awareness Training, we saw more employees really taking the time to forward and report suspicious emails to the Help Desk. Every time a suspicious email hit our organization, I would also send out immediate company alerts via email in a standardized template to make everyone aware and to tell them not to interact with it, which overall helped heavily minimize security incidents across the organization.
Security policies can seem boring to most, however, if you make sessions engaging and fun then often others are likely to remember what was covered. Providing an abundance of examples each year is essential overall to help others stay safe in the workplace as cybercriminal attacks continue to become more advanced.
Web Browser Security: Ensure your default web browser, OS, and workstation stay updated. Your IT Dept. maintains or oversees update deployment and will often contact you if your laptop is flagged for being behind or has software on it that is identified as a security risk. Leverage extensions such as Web of Trust.
However, PLEASE look closely at why a website was rated very low. Sometimes a site is deemed a "scam" because of user feedback or a complaint about something else entirely, not because the site is actually insecure. Sites you regularly use, such as Microsoft and Experts Exchange, are legitimate and secure, so the rating and shield status may produce false positives or NOT be 100% accurate. At times you still need to be VERY cautious and take time to stop before clicking on multiple site links. Overall, though, security browser extensions can be another great set of eyes for taking caution with the site links within your search results.
Antivirus applications or the companies behind them often have extensions as well, e.g. Malwarebytes Browser Guard, but sometimes those can cause hiccups with sites you regularly use. You are permitted to disable the extension or remove it from your browser anytime.
You may often notice a padlock located towards the upper-left-hand corner in front of the URL address bar of a website you're accessing such as a bank website or even EE. This is an indicator that the site is secured via a digital certificate and you should NEVER input very personal information into a site without it present, especially pertaining to your bank or financial accounts.
Please remember just because a site HAS this padlock icon next to the website address this DOES NOT automatically mean it is legitimate or the true site as cybercriminals as mentioned earlier can build fake websites that capture your credentials or entries. Remember to compare your past URLs or the bookmarked links you have for a site and double-check it for minor characters, path or number differences or added-on words, etc. after clicking on a link.
The following "Connection is secure" pop-up window appears when you click directly on the padlock icon in your web browser, and beneath it you can often view a bit more information, e.g. about certificates.
Leverage your antivirus software. In the event you did interact with a suspicious link, attachment, etc., you should notify your IT Support Department to assist. Most likely, they will have you change your password and run a full scan. If you're on a personal workstation, then you should also run a full scan first and examine the results. One malware removal and scanning application is Malwarebytes.
This is one of my favorite ones beyond Windows Defender, as in my experience it has helped detect and catch a lot of horrific malicious events triggered by individuals clicking on, e.g., dangerous links or files.
You typically shouldn't use multiple antivirus applications, as that can often impair performance or bog your station down, plus often the OS, e.g. Windows 10, will detect this or one of them ends up in a disabled, inactive state. You should ensure you set one as the primary real-time scanner and run manual full or quick scans of the other as needed, as if it's another set of eyes to ensure nothing was missed by the first. Remember that not all AV solutions will catch or flag the same things, nor be able to remove what hit your station at times, so you may have to try another and compare. No antivirus solution is 100% perfect, nor are they all designed the same way.
Often within the support case or community sections of antivirus solutions, false positives are heavily reported, where a legitimate application may be incorrectly flagged that you use quite often, but is not malicious in nature just has extensive capabilities to make changes to your system that could be dangerous if used incorrectly.
Usually, you can report this issue to their support team via a ticket or in their community space for the AV solution you're leveraging or confirm a false positive as well as the next steps to take if any need to happen on their end.
In the past, the free-trial version of Malwarebytes has been sufficient as an additional check for malicious activity and for quarantining and removing files, but I love Malwarebytes Premium. In the event an antivirus or security app solution cannot remove a virus or malware on a workstation, your IT Support Department, for example, may need to completely reimage the workstation or reinstall your operating system to start with a clean slate and fully remove all traces of the virus if they cannot tug it out of the OS or extinguish the source of it.
You should never try to move or copy files over to another station while a computer is still impacted by a suspected virus or while a security incident case you've submitted is open, as you can transfer that malware to the other devices or stations you have like wildfire. Always ensure that no virus, malware, etc. exists and that threats are quarantined or immediately removed from it.
Confirm the action to take with IT Support Professionals. Also, please remember not to fall for allowing others to gain remote access to your computer or account data to "help you" through phishing links. Only contact known members of, e.g., your IT Department directly and follow procedures to submit a support request from, e.g., your mobile phone, a messaging channel, or a call.
If a laptop is hit with ransomware that is an URGENT HIGH PRIORITY security incident resulting in potentially replacing the workstation and losing valuable files as cybercriminals often have turned your computer into a puppet where they are in complete control trying to get you to pay a colossal sum of money or may inform that the data will be destroyed or shared in some way with others without payment.
Essentially, they are pulling the strings over your computer and data or locking everything down, which is an extremely dangerous situation that must be reported immediately. You'll often hear in the news that companies at times have been hit by ransomware attacks resulting in millions or even billions of dollars in damages.
Sometimes phishing emails or malicious sites may also deceive you into thinking your files, or accounts have already been compromised or accessed in some way with a virus, etc., however, always check with your Security Department, consult known IT Professionals, or contact the company once again outside of the email contact details to verify if a data breach or security incident did in fact happen.
NEVER store important company files on the desktop. Often, if your organization is using a cloud storage solution, e.g. OneDrive, SharePoint, or Google Drive, and your laptop tanks, cannot start, or crashes (not just due to a virus), you will lose these files completely, as the desktop is not being backed up or synchronized via folder redirection.
Too many times I have seen others store tons of essential folders on their desktop, e.g. outside of OneDrive, unaware that if their laptop faced an irreversible hardware failure or extensive damage we would not always be able to help recover those.
Additionally, if you stored some of your work-related files outside of, e.g., OneDrive and your laptop faces ransomware, that is a very dangerous situation. Remember to follow your organization's storage guidelines, and at home pay close attention to where you're saving files or invest in a backup solution.
Example: Often in phishing, hoax, or suspicious emails you may see just one file attached with a message from a name you recognize, but please be advised hackers can make it look like a co-worker sent a file or will change the file type, so, e.g., a PDF that ends in .exe is a RED flag.
That indicates it will execute something the moment you click on it. Also be aware that even PDFs and other files can contain malicious links, and oftentimes you should forward an email to your IT Support or Security Department team to examine it further before interacting with it.
At an organization I was part of, we had a PDF come through where many failed to notice the .exe ending, and clicking on it caused malware to latch onto each laptop.
It spread like wildfire. I literally had to get a cart to pick up all of the impacted laptops and help reimage them, plus create a list. We weren't able to remove the virus from those who clicked on it. What was tricky about the email was that it had the image of a trusted employee in our organization in Outlook, so if you clicked it, it would look like you had sent it, e.g. stating "Read ME", just two words with one attachment, and it would continue to piggyback or send out to other contacts within one's address book.
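An added example, not part of the original article, of two checks described above: flagging an attachment whose real final extension is executable (such as a "PDF" that ends in .exe), and doing in code what hovering does by eye, comparing the address a link displays with where it actually points and with your bookmarked hosts. The sample message, its hosts and file names, the extension lists, and the function names are all constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from html.parser import HTMLParser
from pathlib import PurePosixPath
from urllib.parse import urlsplit

# Extensions that run code when opened, and document types they imitate
# (assumed, non-exhaustive lists).
EXECUTABLE = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".hta", ".lnk", ".pif"}
DOCUMENT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}
DOMAIN_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def flag_attachments(msg):
    """Return (filename, reason) for attachments whose last extension is executable."""
    flagged = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue
        suffixes = [s.strip().lower() for s in PurePosixPath(name.strip()).suffixes]
        if suffixes and suffixes[-1] in EXECUTABLE:
            disguised = len(suffixes) > 1 and suffixes[-2] in DOCUMENT
            flagged.append((name, "double_extension" if disguised else "executable"))
    return flagged


def flag_links(html, bookmarked_hosts):
    """Return (real host, reasons) for links that mislead or leave known hosts."""
    collector = _LinkCollector()
    collector.feed(html)
    flagged = []
    for href, text in collector.links:
        parts = urlsplit(href)
        if parts.scheme not in ("http", "https"):
            continue
        target = (parts.hostname or "").lower()
        shown = DOMAIN_IN_TEXT.search(text)   # does the link text display an address?
        reasons = []
        if shown and shown.group(1).lower() != target:
            reasons.append("text_shows_" + shown.group(1).lower())
        if target not in bookmarked_hosts:
            reasons.append("not_bookmarked")
        if reasons:
            flagged.append((target, reasons))
    return flagged


def triage(raw_bytes, bookmarked_hosts):
    """Parse a raw message and report suspicious attachments and links."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    html = "".join(p.get_content() for p in msg.walk()
                   if p.get_content_type() == "text/html" and not p.get_filename())
    return {"attachments": flag_attachments(msg),
            "links": flag_links(html, bookmarked_hosts)}


def build_sample():
    """Constructed message for the demo; every name and host here is made up."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "coworker@example.com", "you@example.com"
    msg["Subject"] = "Read ME"
    msg.set_content("See attached.")
    msg.add_alternative(
        '<p>Confirm your login:</p>'
        '<a href="http://portal.example.com.verify.example.net/reset">'
        'https://portal.example.com/login</a> '
        '<a href="https://portal.example.com/help">Help centre</a>',
        subtype="html")
    msg.add_attachment(b"constructed bytes", maintype="application",
                       subtype="octet-stream", filename="Invoice.pdf.exe")
    msg.add_attachment(b"constructed bytes", maintype="application",
                       subtype="pdf", filename="Agenda.pdf")
    return msg.as_bytes()


if __name__ == "__main__":
    report = triage(build_sample(), bookmarked_hosts={"portal.example.com"})
    for item in report["attachments"] + report["links"]:
        print(item)
```

A clean result from a check like this does not make an email safe; it only catches these two specific tricks, so reporting to IT still applies.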
A common concern I used to get from walk-up technical help requests was whether clicking on a dangerous email, link, etc. would result in malware or viruses latching onto a device. Mobile devices can be hacked and are susceptible to cybercriminal attacks. Consider installing an antivirus app on your mobile device from the app store.
Additionally, when you receive a suspicious email, i.e. one that is potentially phishing or a hoax, on a mobile device, you cannot HOVER as you do on a computer to reveal a link's true URL. Instead, press and HOLD down on the link for 2-3 seconds or more, which will usually cause the entire URL to pop up with a mini-preview window along the bottom of your mobile device, browser (e.g. Safari), or email application such as Outlook.
Be VERY careful not to release the link quickly, as that will trigger it to be accessed or launched. If you would rather not try that or risk it, then simply delete the suspicious email after forwarding it and reporting it, or take a screenshot of it. Just because you see nothing happen after clicking on a reportedly dangerous email, or don't notice malicious activity, doesn't mean nothing is happening on the backend while you're still using your device and navigating it. If you're concerned, please work with an IT Support Professional to describe what incident occurred, e.g. an email or link click and where it took you, etc.
If you do not see the true URL appear after HOLDING the URL down for a bit on your mobile device, then examine your mobile device settings which may vary by model. You may want to contact your mobile device provider or IT Support Department for further assistance. Additionally, in our EE Community, we may be able to determine why or the root cause. For some devices in the past, I myself was unable to resolve the cause of that helpful spot-check link function failing as well.
Downloads on your mobile device can lead to major security incidents too, so take caution before you press GET or see anything you like that's 100% FREE. Also, the same applies to your laptop or desktop computer.
Online download libraries can serve as feeding grounds for cybercriminals, and copycat software or websites, i.e. ones with matching names but consisting of malware, can wreak absolute havoc on your computer. If you need help locating a specific program or version, involve other IT Professionals to help pinpoint it.
Example: The very first computer virus I ever got when I was little and NOT in the IT field was from CNET. It caused a series of new browser windows to generate constantly and locked up most actions on my PC. I had to wipe the PC and get a replacement due to the extensive damage done back then, but luckily it was not ransomware and my files were not impacted though retrievable.
So always double or even triple-check the download and right-click to scan your files with your AV software in the Downloads section of File Explorer. Also, a helpful site a lot of our EE Community members use is VirusTotal. There are other analysis tools out there though and it is often a good idea to compare results or use more than one scanner.
A sign that you have a virus isn't always a bunch of pop-ups or hundreds of browser windows generating on their own. Sometimes cybercrimes involve keylogging or webcam hacking, which triggers after opening a phishing email attachment, villainous link, macro, etc.
Some cybercriminals are highly skilled in hiding their attacks so that they're silent or rather always interacting with your station "behind the scenes" for a very long time until you start to notice missing money or you can no longer access accounts or files etc. On top of this, of course, quite a few can nearly erase their "footprints" or illegal activity entirely so you cannot trace it back to them easily.
Hovering mouse cursor example in a web browser (Fig. 13)
You may want to hire a Security Consultant, e.g. via Upwork, who has experience in bolstering security further in your environment, has helped with implementing a security plan or applying a set of guidelines, or knows how to improve your organization's existing security systems if a breach occurred or several incident patterns emerge.
If you're working from home or have a security question, then definitely leverage our EE Community for help and refer to existing EE posts under the Security category section, but please remember to blur out personal information in any screenshots or within the web browser, pop-up windows, etc.
Feel free to also ask questions of Microsoft Support or Apple Support if they pertain to security incidents, especially account-related incidents, e.g. where you have an unauthorized reset request or an unusual product message. Lastly, if you're unsure about, for example, what security features Microsoft has or how to configure e.g. 2FA for the environment, you may want to first take some time to refer to the technical documentation or KB guides they've created as well.
With a quick search online for phishing or hoax emails, you'll find many more examples on research or educational blogs, in the image section of your Google search, etc. One of my favorite videos outside of the EE Community on how phishing emails are constructed is from NetworkChuck. Please be aware you should NEVER try to do this, of course, but it is good to get a behind-the-scenes idea of phishing emails.