

June 16, 2025 •Sherry Peng, Chief Privacy Officer at Agora and current president of WiCyS Colorado
An Innocent Email with Devastating Consequences
Sarah is a talented freelance graphic designer whose creativity and livelihood depends on her trusty laptop. One afternoon, amidst a flurry of project deadlines, she received an email from a prospective client. The subject line read: "Exciting Project Opportunity." The sender's name seemed familiar, perhaps a referral from a previous client. Eager to explore new work, Sarah opened the email to find a polite message outlining a potential project and an email attachment labeled "ProjectBrief.pdf." Without hesitation, she clicked on the attachment, anticipating the details of a new assignment.
Unbeknownst to Sarah, that single click set off a chain of events that would soon disrupt her professional and personal life. The attachment was a cleverly disguised piece of malware, designed to infiltrate her system silently. In the following days, Sarah noticed subtle changes: her laptop's performance deteriorated and applications crashed unexpectedly. She dismissed these issues as typical technical glitches, attributing them to her device's age and heavy usage.
However, the situation soon escalated. When Sarah attempted to log into her online banking to review her checking and savings accounts, only to find out that her password no longer worked. Panic set in as she contacted her bank, only to learn that substantial withdrawals had been made to three foreign accounts. Her savings, painstakingly accumulated over years of hard work, had vanished. Sarah soon realized she had fallen victim to a malware attack that infected her laptop, compromised her financial security, and potentially jeopardized her professional reputation too.
Malware is a computer program created by cyber-criminals to infiltrate, damage, or control computer systems or mobile devices without your consent or knowledge. The term is a combination of the words “malicious” and “software.” You have probably heard of viruses, worms, trojans, ransomware, and Spyware. These are all types of malwares.
What makes malware so dangerous is once your computer or device is infected, it can give the cyber- criminal total control without you even knowing it. It can silently capture your activities, including who you are communicating with, what you are saying, and your logins and passwords to your most important accounts.
Malware can also silently harvest all your files, including pictures, videos or sensitive documents. It can infect almost any system, smartphones, smart watches, or even smart devices in your home like your thermostat and door locks. Yes, even Apple iPhones and Mac computers can be infected if not secured properly.
Fortunately, there are several simple steps you can take right now to help prevent infection.
Sherry Peng is currently the Chief Privacy Officer at Agora. She started her career in local government and moved to the private sector after earning her Master's degree in Information Assurance/Cybersecurity. Sherry has worked in the security space for almost a decade and is the current president of WiCyS Colorado.
Reprinted with permission. The views, information, or opinions expressed in this article are solely those of the author and do not necessarily represent the views of Citizens State Bank and its affiliates, and Citizens State Bank is not responsible for and does not verify the accuracy of any information contained in this article or items hyperlinked within. This is for informational purposes and is no way intended to provide legal advice.