0
Yesterday, I have received this following suspicious email
Normally, I would not click on any of the email attachments if I am not sure about the origin of it. But yesterday, I accidentally opened it.
Just to make things clear, I don't recognize the name of the person sending it and I am not expecting any receipt of payment of any kind at the moment. Also, to make things more suspicious, the sender was using a gmail account. If it were for business purpose, all of my contants would use legit company email (eg. john@company.com).
When I opened the attachment file, all I can see is a blank page on both firefox and chrome.
Since the file is in .htm format and not an executable nor zip file, should I be worried that my computer/email is compromised?
UPDATE 1: This is the content of the attachment file:
I am on windows 8.1 64bits, no anti-virus is installed.
UPDATE 2: What actions should I take so that I can use my laptop safely again? Such as doing on line banking transaction? Note: I do not have any IT personal to access at the moment. So the most, I will have to re-install the window/ reset the window(windows 8.1 feature) ?
Yes; If you opened the file within a browser; You should indeed be worried. I would get the help of your IT staff to help you verify what it did exactly. – Ramhound – 2014-11-06T11:45:44.703
You can scan the file attachment at <www.virustotal.com> which will run it through 50+ virus scanners. While I would not consider the results conclusive, if you are told the file is malicious you'll at least have proof. That said, the file is malicious: 1) You don't know the sender, 2) you never made a payment for which you're expecting a receipt, 3) receipts aren't usually provided as HTML documents, 4) the .HTM file isn't an .HTM file of any interest to a human email recipient. – I say Reinstate Monica – 2014-11-12T01:16:51.827
@Twisty With my limited understanding, the java script from the browser do not have access to any of the file on the harddisk and all it can steal is cookies?Currently, I am wondering how much could that script cause harm to my system? – Chris Aung – 2014-11-12T01:40:36.233
@ChrisAung Have a look at this article in which it states
– I say Reinstate Monica – 2014-11-12T02:48:15.967You can get infected by just looking at the contents of an attachment.
It's also worth noting that our concern should not be limited to what malicious code can do if it follows the rules, but rather what it might do if it breaks the rules (e.g. by leveraging an exploit). – I say Reinstate Monica – 2014-11-12T03:43:26.143