Emails with malicious attachments are designed to get viruses, malware, Trojans, and more onto the victim’s computer, and ultimately into the company’s network, so that attackers can either destroy data or steal information. Some of these threats can even give hackers control of a user’s computer. As such, they pose a serious threat to businesses.
Cybercriminals use different techniques to cloak malware in file attachments with the intent of tricking email scanning technologies and users. They typically send attachments with email content that convinces users to believe it’s legitimate. In this example, the hackers use Maersk—one of the world’s largest logistics companies—to try to infiltrate a Maersk customer’s account by prompting the user to download shipping documents.
Initially, the HTML attachment seems legitimate. It’s also a commonly used file type. While many users may recognize that .EXE and .PDF files are potentially malicious, many won’t think twice about opening an HTML attachment. However, HTML attachments are often used to deliver malware code to endpoints through embedded JavaScript. There is also an uptick in cybercriminals using HTML attachments to embed URL redirects that aim to trick antivirus scanning software or deliver the recipient to non-legitimate web pages. Once again, users should hover over the links to ensure they redirect to a secure URL. In the case of attachments, industry experts advise first saving the attachment to a downloads folder, from where the true file type can be viewed. Finally, a generic greeting should also spark concern—legitimate companies often address the recipient by name.
Reducing your risk
Three things you can start doing today to help reduce your risk and that of your customers are:
- Practice strong in-house security—including patching, putting up firewalls, running backups, and adding a professional email security solution. It also includes investing in advanced endpoint protection. Make sure to monitor for threats with advanced threat detection tools and use a password management tool.
- Help customers establish and maintain a culture of security.
- Teach users how to spot malicious emails. Share simple tips like the ones we discussed above—check the URLs in emails to ensure they redirect to legitimate web pages, be on the lookout for malicious email attachments, and save the attachment to a downloads folder, from where the file type can be viewed before opening it. File types such as .JS, .EXE, .COM, .PIF, .SCR, .HTA, .VBS, .WSF, .JSE, or .JAR are malicious file types you shouldn’t open, though as we’ve seen above, HTML files can also be malicious.
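The attachment checks described above (true file type, the listed extensions, and HTML attachments carrying embedded JavaScript or redirects) can also be automated at the mail gateway or in a triage script. The following is an added example, not code from the original article or from any product it mentions; the function names, the marker patterns, and the sample message are constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions the article tells users not to open.
RISKY_EXT = {".js", ".exe", ".com", ".pif", ".scr", ".hta", ".vbs", ".wsf", ".jse", ".jar"}
# Active content or redirects inside an HTML attachment (illustrative patterns).
HTML_MARKERS = {
    "embedded script": re.compile(r"<script\b", re.I),
    "meta refresh redirect": re.compile(r"<meta[^>]+http-equiv\s*=\s*[\"']?refresh", re.I),
    "script redirect": re.compile(r"location(\.href)?\s*=|location\.(replace|assign)\s*\(", re.I),
}

def triage(msg):
    """Return {filename: [reasons]} for attachments that need a closer look."""
    findings = {}
    for part in msg.iter_attachments():
        name = (part.get_filename() or "unnamed").strip()
        lower = name.lower()
        ext = "." + lower.rsplit(".", 1)[-1] if "." in lower else ""
        reasons = []
        if ext in RISKY_EXT:
            reasons.append(f"risky extension {ext}")
            # "invoice.pdf.exe": the last extension is the true file type.
            if lower.count(".") >= 2:
                reasons.append("double extension hides true file type")
        if ext in {".html", ".htm"} or part.get_content_type() == "text/html":
            body = part.get_content()
            if isinstance(body, bytes):
                body = body.decode("utf-8", "replace")
            reasons += [label for label, rx in HTML_MARKERS.items() if rx.search(body)]
        if reasons:
            findings[name] = reasons
    return findings

def build_sample():
    """Constructed message: lure text plus three attachments, round-tripped through bytes."""
    msg = EmailMessage()
    msg["Subject"] = "Shipping documents"
    msg.set_content("Dear customer, please download the attached shipping documents.")
    html = '<html><script>window.location.href="https://example.invalid/login"</script></html>'
    msg.add_attachment(html, subtype="html", filename="shipping_documents.html")
    msg.add_attachment(b"MZ", maintype="application", subtype="octet-stream", filename="invoice.pdf.exe")
    msg.add_attachment("plain notes", subtype="plain", filename="notes.txt")
    return message_from_bytes(msg.as_bytes(), policy=policy.default)

if __name__ == "__main__":
    for name, reasons in triage(build_sample()).items():
        print(name, "->", "; ".join(reasons))
```

A flagged HTML attachment is a signal for quarantine or manual review rather than proof of malice, since legitimate HTML files also contain scripts.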
One malicious email can cause a lot of damage to your business and your customers’ businesses. Employing professional-grade email protection to prevent malware from getting into your network—and your customers’ networks—can help stop and mitigate damage by:
- Defending against cyberattacks that infiltrate through email-borne threats
- Giving users greater control and visibility over email flow
- Protecting intellectual property and business data
- Boosting uptime and increasing productivity
Mia Thompson is product marketing manager, Mail Assure, at SolarWinds MSP.