The single click that costs you a week of cleanup almost always looks innocent. Here's how to spot the lure.
Antivirus is good now. Browser security is good now. The biggest remaining attack vector is the user clicking Download on a file they shouldn't have. Modern malware is almost always delivered by a willing click, not by a vulnerability — which means the only fix is a brief moment of suspicion before you save and open.
These are programs. If you arrived at a webpage and it offered you one of these, walk away. Legitimate software downloads come from the vendor's own site, not from a popup. If you genuinely need a free tool, type the tool's name into Google, click the result that goes to the vendor's domain, and download from there.
A Word doc, Excel sheet, or PowerPoint that prompts you to Enable Content is asking permission to run code. Real documents don't need to do this. The prompt itself is the warning sign. Close the file and ask whoever sent it whether they intended it — using a known phone number, not the email reply.
ZIPs hide what's inside until you open them. Attackers use them because they bypass most email gateway scanners. If an external email contains a ZIP, treat it as a high-risk attachment by default. If the sender is genuine, they can resend the file uncompressed.
Two newer tricks: .lnk Windows shortcuts that quietly run a hidden script, and .iso files that mount as a drive and contain a hidden executable. Both bypass Microsoft's Mark-of-the-Web protection. If you see either as an email attachment, delete the email — there is no legitimate reason a supplier emails these.
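The attachment rules above for Office files, ZIPs, .lnk and .iso can be applied automatically before a message reaches an inbox. The following Python sketch is an added example, not code from the original page; the Office extension list, the size and nesting limits, and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

DELETE_ON_SIGHT = {".lnk", ".iso"}  # the two types the page says to delete
OFFICE = {".docx", ".docm", ".xlsx", ".xlsm", ".pptx", ".pptm"}  # assumed list

def check_file(name, data, depth=0):
    """Return reasons to hold this file; an empty list means no rule fired."""
    ext = PurePosixPath(name).suffix.lower()
    if ext in DELETE_ON_SIGHT:
        return [f"{name}: shortcut or disk image, delete"]
    if not zipfile.is_zipfile(io.BytesIO(data)):  # sniff content, not just the name
        return []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        if ext in OFFICE:  # modern Office files are ZIPs; macros live in vbaProject.bin
            vba = any(n.lower().endswith("vbaproject.bin") for n in zf.namelist())
            return [f"{name}: contains macros (Enable Content prompt)"] if vba else []
        reasons = [f"{name}: archive, high risk by default"]
        for m in zf.infolist():
            if m.flag_bits & 0x1:  # encrypted member: contents cannot be inspected
                reasons.append(f"{name}/{m.filename}: password-protected")
            elif depth < 2 and m.file_size <= 5_000_000:  # bound nesting and size
                reasons += check_file(f"{name}/{m.filename}", zf.read(m), depth + 1)
    return reasons

def triage(raw_message):
    """Apply check_file to every attachment of a raw RFC 5322 message."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    return [r for p in msg.iter_attachments()
            for r in check_file(p.get_filename() or "unnamed", p.get_payload(decode=True) or b"")]

def make_zip(files):  # in-memory ZIP from {name: bytes}, for the constructed samples
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member, content in files.items():
            zf.writestr(member, content)
    return buf.getvalue()

def sample_message():
    """Constructed message: a ZIP hiding a .lnk, an Office file with macros, a PDF."""
    msg = EmailMessage()
    msg.set_content("See attached.")
    for name, data in [("invoice.zip", make_zip({"Invoice.pdf.lnk": b"constructed"})),
                       ("quote.docx", make_zip({"word/vbaProject.bin": b"constructed"})),
                       ("notes.pdf", b"%PDF-1.4 constructed sample, not a real PDF")]:
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()
```

Calling `triage(sample_message())` returns one finding for the archive, one for the shortcut hidden inside it, and one for the macro-carrying document; the plain PDF produces none.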
A PDF that opens and tells you to click a link to log in to DocuSign / SharePoint / Microsoft to see the real document is phishing. Real DocuSign and SharePoint emails come from those services directly, not as PDF attachments. Close the PDF, delete the email.
Whether the sender is your accountant, your supplier, your manager, or a client — the rule is the same. Unexpected attachment, no matter how plausible the subject line, gets a 60-second verification call before it gets opened. The person sending it doesn't mind being called. The criminal pretending to send it doesn't answer the phone.
Dodgy downloads are usually the last step of a longer scam. Catch it earlier with the rest.
If you've just clicked or run something that worries you, disconnect from the network (turn off WiFi, unplug ethernet) and call us. The first hour of an incident determines how bad it gets — we'll triage with you live.
I built this business because I wanted to do managed services properly — for a small number of clients, at a senior level, with the same person on the end of the phone every time. The work is too important and the stakes are too high for anything less.
Behind the formal qualifications: a Cyber Security degree from the University of the Sunshine Coast, currently working on my Master’s, plus a continuous stack of Microsoft, Acronis and Nerdio certifications — the ones that have to be renewed because the threats don’t stay still.
Behind the certifications: thirty years of doing the work. I cut my teeth in consulting, then went to Cisco on the team building the original iPhone — Cisco’s VoIP handset, the trademark Apple later acquired in the 2007 settlement. At TPG in 1999 I sold frame-relay networks when frame-relay was the cutting edge of business connectivity. I built and sold a Sydney-based MSP called Online IT before relocating to Perth.
Three decades of watching what’s actually changed and what hasn’t. The technology has changed almost beyond recognition. The principles haven’t. Identity first. Backup that has actually been tested. A senior practitioner who knows your environment. Calm in an incident. Honest answers when the answer is “no.”
That’s whedo.it. That’s the brief. That’s why long-tenure clients don’t leave.
— Warren Ephron, Director