remove or retain

a common instruction given to recipients of suspicious / malicious messages is to delete the message right away.


there are pros and cons to this action.

one of the pros:  you are protecting yourself.
it is possible to get a virus even if all you do is open a message.
you don't always have to click the link within the message to get infected.

if you delete the message,
there'd be no message to open;
there'd be no link to click.

a con: you are deleting data and evidence, not just on your device but on the database side as well.
you can take a screenshot, yes, but that captures only the part visible to you.

there is so much more to messages than the content of the message itself.
there are technical details usually accessible only to administrators.
some of these details may be viewable to ordinary users (e.g. the software the sender used to compose the message,
encryption or lack of it,
the servers the message hopped through to get from the sender to the recipient),
but the recipients don't always know how to display them.
they normally won't have need for them anyway.
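
an added example, not part of the original post: assuming the message is an email and a raw copy of it was saved untouched, this python code pulls out the details listed above (composing software, encryption per hop, the servers it passed through) plus a hash of the preserved copy. the names `summarize`, `HOP_RE` and `SAMPLE_EML` are made up for illustration, and the sample message is constructed.

```python
import hashlib
import re
from email import message_from_bytes
from email.policy import default

# constructed sample message (not real traffic); all hosts are reserved example names
SAMPLE_EML = (
    b"Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])\r\n"
    b"\tby mailstore.recipient.example with ESMTPS id A1;\r\n"
    b"\tTue, 02 Jan 2024 10:00:05 +0000\r\n"
    b"Received: from relay.sender.example (relay.sender.example [198.51.100.7])\r\n"
    b"\tby mx.recipient.example with ESMTP id B2;\r\n"
    b"\tTue, 02 Jan 2024 10:00:03 +0000\r\n"
    b"From: Billing <billing@sender.example>\r\n"
    b"To: user@recipient.example\r\n"
    b"Subject: Invoice overdue\r\n"
    b"X-Mailer: ExampleMailer 1.0\r\n"
    b"\r\n"
    b"Please see the link.\r\n"
)

# "from <host> ... by <host> ... with <protocol>" inside one Received header
HOP_RE = re.compile(r"from\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+(\w+)", re.S | re.I)

def summarize(raw: bytes) -> dict:
    """Return the details a screenshot of the message would not capture."""
    msg = message_from_bytes(raw, policy=default)
    hops = []
    # each server prepends its own Received header, so reverse the list
    # to read the path from sender to recipient
    for value in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(str(value))
        if not m:
            continue  # header in a shape this simple pattern does not cover
        sender, receiver, proto = m.groups()
        # RFC 3848 keywords: ESMTPS / ESMTPSA mean the hop used TLS,
        # plain SMTP / ESMTP / ESMTPA mean it did not
        tls = proto.upper().endswith(("S", "SA"))
        hops.append({"from": sender, "by": receiver, "tls": tls})
    composer = msg.get("X-Mailer") or msg.get("User-Agent")
    return {
        "sha256": hashlib.sha256(raw).hexdigest(),  # fingerprint of the preserved copy
        "composer": str(composer) if composer else None,
        "hops": hops,
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_EML))
```

only the Received lines added by servers you trust are reliable; the earlier ones, like the composer field, are supplied by the sending side and can be made up.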

whether you delete the message or not, there will remain traces of it in the technical logs.  for how long depends on the security and housekeeping policies.  these logs could get very big so it is normal to put a limit on their size or on the period they cover.  the logs could, however, be backed up so they could be preserved beyond the usual retention period.

deletion might be the preferable action for most recipients of malicious messages.
for those who intend to go to court, however, it would be better to preserve the evidence on their end.
