Email attachments you should be wary of

Email has undeniably become a vital part of our personal and professional lives. Unfortunately, those same emails can be an invitation to hackers to send emails with attachments that contain all sorts of malware. These can be viruses that make programs malfunction, ransomware that locks users out of their PCs and servers, or spyware that tracks internet usage and steals sensitive data.

Awareness is key here — this is why we at Arnet Technologies are sharing with you the top file types hackers use to deliver malicious software.

#1. Microsoft Office files

This might be difficult for some to accept, but hackers can, and do use Word documents, Excel spreadsheets, and PowerPoint presentations to deliver malware to unwitting victims. Hackers often target office workers and email them invoices, contracts, and important documents from senior management.

When someone downloads and opens one such Office file attachment, macros — mini-programs embedded in the file — are also opened, but don’t run immediately. Macros are disabled by default for security reasons, but the Office program being used to open the file does ask the user if they want to enable macros. This is the red flag that most people miss. They agree to let the macros run, thereby allowing these to commence as programmed and download the hackers’ malware.

One such malware delivered via Office macros is the banking Trojan called Ursnif. These are some of the main things that Ursnif can do, according to kaspersky.com:

  • Add web injects, i.e., malicious content that is inserted into or replaces original web page content (e.g., online banking form fields that ask for PIN codes; false account login dialog boxes)
  • Steal access credentials and personal data from web forms
  • Capture screenshots and intercept keystrokes

#2. PDF files

Similar to Office files and their macros are PDF files and their JavaScript programs. Spammers love to add phishing links in their PDF documents. These links often lead to fake websites that ask visitors to log in to their account. Once they press the submit button, they unwittingly send their credentials to the cybercriminals.

Download our free eBook!

Learn everything that you need about cyber security by reading our free eBook: 3 Essential types of cyber security solutions your business must have. This FREE eBook boils everything down to the basics and explains how small- and medium-sized businesses can optimize their solutions without breaking the bank.

Download now!

#3. RAR and ZIP files

Archives sent via email are risky because cybercriminals use these to deliver malware. The average user simply unpacks these without a second thought, but even if one looks into the contents of an archive, one wouldn’t really recognize malware files by name. To be safe, always use an updated malware detector before opening RAR and ZIP files.

Here are our top tips for keeping safe while using your email:

  • If an email is from an unknown source, never download the files attached to it, much less open them. Just ignore or delete emails with odd or suspicious subject lines.
  • Even if the name of the sender looks familiar, verify the From address to check if the name displayed matches the email address supplied. Transfer emails with mismatches to your spam folder immediately.
  • If you receive an unexpected file from someone you know, ask that person if they meant to send that file to you. Some infected files are actually sophisticated enough to make computer email copies of themselves to people in that device user’s contact lists.

Bad emails and malicious attachments are just some of the many data security threats that your company may be vulnerable to. To learn how you can keep your business safe, talk to our cybersecurity experts at Arnet Technologies. Arnet Technologies is the IT services company that businesses in the Greater Columbus Area rely on for comprehensive defenses against cybercriminals.


3 Essential Types Of Cyber Security Your Business Must HaveCLICK HERE!
+ +