· .EXE
These files are Windows-executable files and some of the most dangerous attachments you can receive in an email. It is uncommon for people to send executable files in emails as attachments, so such an email should immediately raise a red flag.
· .MSI
This is another format for Microsoft Installer used on Windows, though applications can also be installed via an .EXE file. It may carry malicious files bundled into another application, thus giving the impression that it’s installing a legitimate application.
· .JAR
These are executable Java applications that use the Java runtime environment to run on a specific machine. These usually leverage Java runtime vulnerabilities and download/install malware on the affected computer.
· .BAT
This is a batch file that contains a simple list of commands usually run in the Command Prompt and originally used by the old MS-DOS.
· .CMD
These are the same thing as the .BAT extension, but introduced in Windows NT. The effect is the same as the batch file.
· .JS
This is a JavaScript file, which usually runs in web browsers. The main disadvantage for Windows users is that the OS runs JavaScript files by itself with no sandboxing.
· .VB/.VBS
This is a Visual Basic Script file that usually executes the script code embedded when run.
· . PSC1
This is a PowerShell script, which is executed on a Windows machine.
All these file extensions are constantly being used in spam and phishing campaigns, generating a lot of damage for unprotected computers.
It is critical to check what type of files you receive and refrain from opening any attachments containing the above file extensions, especially if they come from unknown sources. To help ensure you and your business are protected from spam, phishing, and all email-borne threats, always deploy an email security solution as part of your security strategy.
How can you protect yourself using Mail Assure?
In the SolarWinds Mail Assure™ Control Panel, there is a feature called “Block Dangerous Attachments,” which is on the Attachment Restrictions page of the default domain settings. When this feature is enabled, all the file extensions listed above are blocked by default. On top of this, to help ensure there are no harmful files in the archive attachments, zip archives are being scanned for malicious applications.
To find out how SolarWinds Mail Assure can help you protect your systems, click here.
Sebastian Antonescu is the technical support team manager for the Mail Assure and SpamExperts brands.
© 2018 SolarWinds MSP UK Ltd. All rights reserved.
The SolarWinds and SolarWinds MSP trademarks, service marks, and logos are the exclusive property of SolarWinds MSP UK Ltd. or its affiliates. All other trademarks are the property of their respective owners.