We talk quite a bit about malware in Chapter 11, but in this section we’re specifically concerned with the kinds of malware that are spread via email, since quite a bit of malware propagates that way.
Like phishing attacks, the trick is to avoid clicking—in this case on an attachment. The attachment is generally some form of executable file, which runs when you click on it. After installing itself, the malware checks your address book and sends a copy of itself as an attachment to everyone in your address book.
Most email filtering programs do a fairly good job of filtering out emails carrying malware payloads, but some still get through. Like phishing attacks, emails with malware don’t look legitimate, don’t address you by name, and often have bad grammar and writing. And of course, there’s the attachment, which you should definitely not click on. Rule of thumb for email attachments, don’t click on them unless you are absolutely convinced it is legitimate and from a trusted source.