David Michaux: I remember when I started in this business in the late 90s, I was asked to interview a Russian candidate for a job. One of the first questions I asked her was “If you had an important Unix server, how would you make sure it’s secure?” I was expecting a detailed answer around hardening of the operating system, firewalls, IDS etc. Her answer was simple: “I would switch it off, dig a big hole and bury it in concrete, and even then I wouldn’t tell you it’s secure!” I hired her and haven’t regretted it since. So when asked “what is the most important characteristic of a great infosec professional in 2016?”, for me it’s the same as it’s always been: extreme paranoia and a great mistrust of vendors who promise the earth.
1. Look out for suspicious content. Is the email asking you to reply with confidential information, such as your password, or to confirm your bank account number? Is the email pressing you to take quick action, such as replying urgently? Companies do not contact their clients by email asking them to take urgent and immediate action.
2. Is the email asking you to click on a link? If so, hover over the link (without clicking it) and the URL it actually points to will be displayed. Check whether that URL leads to the website of the company the email claims to be from, or to a different site. For example, is the URL "http://www.mybank.com/xxxxxx", or is it guiding you to "http://www.capturethisusersinfo.com/xxxxx"?
3. Does the email include a password-protected archive or PDF? Attackers usually password-protect the malicious software they send so that antivirus software cannot inspect the archive and detect the malware.
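Checks 2 and 3 above can be automated on the mail gateway or in a triage script. The following is an added example, not code from the original post; it parses one raw message with the standard library, flags links whose visible text names a different host than the real `href` (the "hover" check), and flags zip attachments whose encrypted flag bit is set. The function names, the `sample_message()` builder and the `invoice.zip` attachment are constructed for the example; the two domains are the ones used in the text.

```python
import email, io, zipfile
from email import policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse
class LinkCollector(HTMLParser):  # collects (href, visible text) pairs: what hovering over a link reveals
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(text):  # hostname if the text looks like a URL or a bare domain, else None
    return urlparse(text if "://" in text else "http://" + text).hostname if "." in text and " " not in text else None
def phishing_indicators(raw):
    """Apply checks 2 and 3 above to one raw RFC 822 message; return the indicators found."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings, body = [], msg.get_body(preferencelist=("html",))
    if body is not None:
        parser = LinkCollector()
        parser.feed(body.get_content())
        for href, shown in parser.links:
            if host(shown) and host(shown) != host(href):  # text names one site, link goes to another
                findings.append(f"link text {shown!r} points to {host(href)}")
    for part in msg.iter_attachments():
        if part.get_content_type() == "application/zip":
            with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                if any(i.flag_bits & 1 for i in zf.infolist()):  # flag bit 0: member is encrypted
                    findings.append(f"password-protected archive {part.get_filename()!r}")
    return findings

def sample_message():  # constructed sample: mismatched link plus a zip whose encrypted flag bit is set
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.pdf", b"%PDF-1.4")
    data = bytearray(buf.getvalue())
    for off in (6, data.find(b"PK\x01\x02") + 8): data[off] |= 1  # flag bytes: local header, central directory
    msg = EmailMessage()
    msg.set_content('<a href="http://www.capturethisusersinfo.com/login">www.mybank.com</a>', subtype="html")
    msg.add_attachment(bytes(data), maintype="application", subtype="zip", filename="invoice.zip")
    return msg.as_bytes()
```

Running `phishing_indicators(sample_message())` reports both the mismatched link and the encrypted archive; a plain-text message with no links or attachments yields an empty list.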