IT security has never been more critical.  We are aware of more and more scams where attempts are made to  get around businesses anti-virus / anti-spam system on emails.

Instead of sending any malware or malicious links in an email, they set up a dropbox or similar file-sharing account and then send you a link to that (sometimes in the form of a QR code). The link itself is perfectly genuine, but the document it links to is the one that either has the malware included, or more often, has links to sites designed to get you to enter your username, password and other details for the scammers to then make use of.

As the link is genuine as far as your email system is concerned, then your sophisticated anti-virus / anti-scam measures are effectively useless.

If you then click on a link within the document your internet security software might pick up on something, but without a sender address to compare it to, there’s much more chance it will just see the link as genuine and allow you to proceed.

Even worse, sometimes these scams come from one of your genuine contacts who has had their account hacked, and so everything about the document, where it comes from etc is to all intents and purposes genuine, it’s just the destination that is malicious. If you are busy when you receive the email then there is the real risk you could see it, think it’s from your contact and open it without really thinking.

And of course, if you then enter things like your email address and password then consequences don’t bear thinking about!

So please continue to be vigilant, and if you are the slightest bit unsure about something, contact whoever helps you with your IT for advice.