[BreachExchange] 3 Most Dangerous Email Attachments To Avoid

Destry Winant destry at riskbasedsecurity.com
Fri May 31 10:17:07 EDT 2019


https://www.cso.com.au/article/662238/3-most-dangerous-email-attachments-avoid/

By now, almost anyone who uses email on a regular basis is aware some
messages contain malicious links or social engineering attempts. But,
what are the most dangerous types of email attachments? Would you know
how to spot them, or how to prevent being victimized?

Why Infiltrate Email?

There are many answers to the question "Why would someone want to
cause innocent people harm?" Among them are:

- Monetary gain
- Because it's a challenge
- For the love of causing mischief

Email scams and malicious content aren't going to disappear any time
soon. But, knowing where your threats are coming from and how to spot
them allows you to protect your personal information and bank
accounts. Many are hidden threats, but they leave evidence that should
make you suspicious, like their content and extensions. Many malicious
attachments end in:

- .exe, which is an executable file, usually used for installing software
- .msi, which mimics authentic files from Microsoft
- .js, which is the extension for JavaScript files; many platforms run
these automatically and can't tell good ones from faulty ones.
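
A mail-gateway style check for the extensions listed above, as an added example that is not part of the original article: it parses a message with Python's standard email package and flags attachments whose final extension is .exe, .msi or .js, including double-extension and trailing-dot names. The function names, addresses and attachment filenames are assumptions constructed for illustration.

```python
from email import message_from_string, policy
from email.message import EmailMessage

# Extensions named in the article; a real deployment would extend this set.
RISKY_EXTENSIONS = (".exe", ".msi", ".js")


def risky_attachments(raw_message: str) -> list[tuple[str, str]]:
    """Return (filename, matched extension) for each attachment to quarantine."""
    msg = message_from_string(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():  # walk() also descends into nested multipart parts
        name = part.get_filename()
        if not name:
            continue
        # Compare case-insensitively and ignore trailing dots/spaces, which
        # Windows drops, so "update.js." is still treated as a .js file.
        normalized = name.strip().rstrip(". ").lower()
        # Only the final extension matters: "Invoice.PDF.EXE" is an .exe.
        for ext in RISKY_EXTENSIONS:
            if normalized.endswith(ext):
                hits.append((name, ext))
                break
    return hits


def build_sample() -> str:
    """Constructed sample message; addresses and filenames are made up."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    for fname in ("report.pdf", "Invoice.PDF.EXE", "update.js.", "notes.txt"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg.as_string()


if __name__ == "__main__":
    for filename, ext in risky_attachments(build_sample()):
        print(f"quarantine: {filename!r} (matches {ext})")
```
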

Here are the five top email threats that could be landing in your
inbox soon if they aren’t already there. Most that didn’t make the
list are just variations on a theme.

Ransomware

In case you've been living on a desert island without access to media,
ransomware attacks were the new black last year. These cyber crimes
allow hackers to take advantage of security vulnerabilities and hold
your data hostage for money. It's like kidnapping your sensitive
information, hence the name.

How Does it Work?

Thieves insert code into emails and other formats via hidden files,
links, or by altering existing code. It hides inside your system until
you release it by opening a file containing the code. Once released,
command lines lock you and other users out of their files and devices
until the mastermind is paid for the unlock code or key. Whether they
get paid or not, it’s likely you’ll end up still locked out of your
files or they might be destroyed.

How to Protect Yourself

- Install a firewall.
- Don't open messages or click links from someone you don't know, and
warn friends and business associates not to open any or send them to you.
- Use data leak protection mechanisms like private networks and encryption.
- Update your anti-spam and anti-malware apps as soon as patches or
updates are available.

Zero Day Exploits

Even the most meticulous coders and developers can inadvertently
overlook security flaws. Many of these are caught and patched quickly,
but there are people who do nothing but look for ways to infiltrate
emails and networks. Once they're in, they can hijack sessions, insert
code to redirect your web traffic, or hold your information hostage.

How Does it Work?

The hacker tries various ways to get into databases or hijack sessions
by finding and exploiting overlooked areas or those that have weak
security. This can be from the end user or admin side. Once in, they
insert code that's written to perform whatever mischief is on
their mind. Because these attacks hit hidden flaws, they're often not
caught for months.

How to Protect Yourself

You can install updates for security patches as soon as they become
available, and use industrial-strength privacy protections like VPNs.
But, the most important thing you can do to prevent this kind of
malicious email attack is to perform comprehensive pen testing to
probe for hidden security flaws.

Social Engineering

No, this isn't the plot of some dystopian science fiction novel. It's
a form of manipulation that involves deception and intrigue. The most
common one was the "Nigerian Prince" scams that were created as a way
to trick people into providing passwords, credit card or bank account
numbers, and other sensitive information so they can steal your money
and/or identity.

How Does it Work?

The potential thief sends carefully worded emails that are designed to
make the victim think they've won money or are being given a golden
and exclusive opportunity.

How to Protect Yourself

Always remember the adage "If something seems too good to be true, it
probably is." It should go without saying that you never give someone
you don't know money, airline tickets, or access to your bank account
no matter how good their pitch. Ignore unsolicited sales offers.

Phishing and Spear Phishing

Phishing is a form of social engineering in that it uses trickery to
convince the target to reveal personal or sensitive information. It's
usually sent in bulk mailings in order to increase the number of
successful responses. Spear Phishing is the same type of thing, but it
targets individuals or organizations rather than random people. Often,
the attacker will send an email that looks official, like a PayPal or
Twitter letterhead.

How Does it Work?

You get an email saying that there's a problem with an account or
delivery of some merchandise you've supposedly ordered, and they need
your password, credit card, or banking information to straighten it
out. Some will ask you to click a link that's supposedly to an
official website, but it really goes straight to them. When you try to
log on to your account they record the keystrokes.

How to Protect Yourself

Compare recent legitimate correspondence with the suspicious one.
You'll usually notice tiny differences in formatting or headings. You
can also contact the company through a known official route and ask if
they contacted you. Most companies will never ask for your password or
credit card info.

Key Logging

Keyloggers are little programs hidden in the code for videos or
emails. They run quietly in the background and record your keystrokes
as you go about your business. This tells them everything you type in
during browsing sessions, including your passwords and private
information.

How Does it Work?

The criminal sends a video or other content with instructions to click
the link to see something cool or useful. Clicking the link gives them
access to your accounts. This is also common on social media in the
guise of chain letters or viral videos that are sent to your friends
and contacts.

How to Protect Yourself

Don't open or spread chain mail. You should also avoid clicking on any
link that looks suspicious. Immediately if not sooner, install a
virtual private network (VPN). For around five bucks a month, the best
VPN service providers encrypt your session information, including
identity, activity, and personal information, making it appear as
gibberish to anyone looking in.

Read the fine print when comparing the best VPNs, and don’t pull the
trigger until you’ve carefully considered their data privacy policies.
Some providers aren’t as dedicated to your anonymity as others and log
user identities or sessions to sell to advertisers, or give to
government agencies upon request.

Dishonorable Mention: Spam

Almost everyone knows what spam is. It's those unsolicited sales
pitches that used to clutter up your inbox until providers introduced
filters, right?

Well, yes and no. Spam certainly does flood many an unprotected inbox,
but it's more than just the digital equivalent of annoying junk mail.
It's also the most common delivery method for ransomware.

You can avoid spam by using an email provider that has up-to-date spam
filters, adjusting your inbox settings, blocking bad actors or
unknowns, and making sure that welcome senders are added to your
contact list.

Final Thoughts

Email scams have been around almost as long as the messaging medium
itself. Even someone who carefully applies best practices to all areas
of their business can be fooled if the enticement is clever enough.

Scammers and cyber criminals are never going away, and neither is the
need for email in business or personal correspondence. Your best bet
is to keep abreast of the latest threats and variations, and take as
many precautions as you can to protect your accounts. No matter how
clever criminals become, there are measures you can take to reduce the
chances of being the next victim.

