Touchstone Compliance

Beware of the Email Attachments from Hell

If you or someone on your staff opens one of these diabolic — yet seemingly innocent — email attachments, they can infect the office’s computers and make running your practice “hella” difficult until they’re fixed.

Email attachments are a common source of viruses and worms. When opened, they can give hackers control of your computer, enabling them to send copies of their message to every email address in your address book. Malware like this can do a lot of damage within your office and beyond — crippling computers, servers, and networks.

In this HIPAA Quick Tip, I’ll offer a few ideas on how to guard against the threat of viruses via email attachments:

Be suspicious of unsolicited attachments, even from your “peeps.”

Many of the programs hackers use are able to “spoof” return addresses, to make a message look like it came from someone you know. Before opening any attachments, if possible, check with the person who supposedly sent the message to make sure it’s legit.

Don’t open attachments from strangers. Ever.

Enough said.

Keep your software up to date.

When you’re current with the latest patches — or fixes — from the developers of your operating system, hackers move on, looking for easier inroads into the office computers of healthcare professionals who are not as conscientious — nor as HIPAA compliant — as you.

Turn off the option to automatically download email attachments.

Some email programs offer an automatic-download-of-attachments feature. If yours does, disable it. Now.

Trust your gut.

If an email or attachment seems at all suspicious, don’t open it. The following come under the category of “suspicious”: messages not related to work; messages not addressed to you by name; unexpected attachments or ones with unknown file extensions like .zip, .exe, .vbs, .bin, .pif, .zzx; and topic lines like “Nice Pic!” or “Family Update!” or “Really Funny!” that tempt you to click.
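For whoever manages the office mailbox, the checklist above can be turned into a small screening script. This is an added example, not part of the original tip: the function names, the sample addresses, and the name "Dana" are made up for illustration, and the extension and subject lists are the ones given above.

```python
from email import message_from_string
from email.message import EmailMessage
from email.policy import default
from pathlib import PurePosixPath

# Both lists are copied from the tip above; extend them for your own office.
RISKY_EXTENSIONS = {".zip", ".exe", ".vbs", ".bin", ".pif", ".zzx"}
LURE_SUBJECTS = {"nice pic!", "family update!", "really funny!"}


def review_message(raw, my_name):
    """Return the reasons a raw message deserves a second look (hypothetical helper)."""
    msg = message_from_string(raw, policy=default)
    reasons = []
    subject = (msg["Subject"] or "").strip()
    if subject.lower() in LURE_SUBJECTS:
        reasons.append(f"lure subject: {subject}")
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    if my_name.lower() not in text.lower():
        reasons.append("not addressed to you by name")
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        # Look at every suffix so "holiday.jpg.exe" is judged by ".exe", not ".jpg".
        suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
        hits = [s for s in suffixes if s in RISKY_EXTENSIONS]
        if hits:
            reasons.append(f"attachment {name}: {hits[-1]}")
    return reasons


def build_sample(subject, body, filename):
    """Construct a test message in memory; nothing here is real mail."""
    m = EmailMessage()
    m["From"] = "colleague@example.com"  # From is spoofable, so it is never checked
    m["To"] = "frontdesk@example.com"
    m["Subject"] = subject
    m.set_content(body)
    m.add_attachment(b"constructed bytes", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_string()


if __name__ == "__main__":
    raw = build_sample("Nice Pic!", "Hi, check out this photo.", "holiday.jpg.exe")
    for reason in review_message(raw, my_name="Dana"):
        print("SUSPICIOUS:", reason)
```

A message that passes these checks is not proven safe; the script only surfaces the warning signs listed above so a person can decide whether to confirm with the sender.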

A good rule of thumb is to never open email attachments unless you’re sure about what you’re opening. Email security guidelines, like others connected to HIPAA compliance, boil down to this: Better safe than sorry.
