Malicious Attachments Remain a Cybercriminal Threat Vector Favorite

CyberPanther

CyberPanther

Level 6
Thread author
Verified
Well-known
Oct 1, 2019
298
Content source
https://threatpost.com/malicious-attachments-remain-a-cybercriminal-threat-vector-favorite/158631/
Malicious attachments continue to be a top threat vector in the cybercriminal world, even as public awareness increases and tech companies amp up their defenses.
While attachment threat vectors are one of the oldest malware-spreading tricks in the books, email users are still clicking on malicious attachments that hit their inbox, whether it’s a purported “job offer” or a pretend “critical invoice.”
The reason why threat actors are still relying on this age-old tactic, researchers say, is that the attack is still working. Even with widespread public awareness about malicious file attachments, attackers are upping their game with new tricks to avoid detection, bypass email protections and more. The attack vector is still widespread enough where tech giants are re-inventing new ways to try to stomp it out, with Microsoft just this week rolling out a feature for Office 365 that aims to protect users against malicious attachments sent via email, for instance.
“Email attachments, such as PDF or Office files, are an easy vector to deliver malicious content to end users,” Mohit Tiwari, Co-Founder and CEO at Symmetry Systems, told Threatpost. “For enterprises, the risk is that malicious actors can use these attachments to establish a toe-hold at the outermost edges of the enterprise, and then wait and wind their way to the crown jewels in their data stores.”
New Tactics
The 2020 Verizon Data Breach Investigations Report (DBIR) found that email attachment is a top malware vector that leads to data breaches, with almost 20 percent of malware attacks being deployed via email attachments. Email links are the top vector with 40 percent of attacks using this method.
While malware-laced attachments such as ZIPs, PDF, and MS office files (including DOC and XLSM file attachments) are more commonly used attachments, researchers warn that threat actors are starting to look to newer attachments – like disc image files (ISO or IMG files that store the content and structure of an entire disk, like a DVD or Blue-Ray) – as a way to increasingly spread malware.
Click to expand...

threatpost.com

Malicious Attachments Remain a Cybercriminal Threat Vector Favorite

Malicious attachments continue to be a top threat vector in the cybercriminal world, even as public awareness increases and tech companies amp up their defenses.
threatpost.com threatpost.com
 
  • Like
Reactions: Andy Ful and ForgottenSeer 85179
You must log in or register to reply here.

Similar threads

Practical Response
    • Like
    • +Reputation
Scams & Phishing News Attackers Using Obfuscation Tools to Deliver Multi-Stage Malware via Invoice Phishing
Replies
8
Views
1,502
Security News
Practical Response
Practical Response
CyberTech
    • Like
    • HaHa
    • +Reputation
Serious Discussion Some Outlook.com users can't send emails with attachments
Replies
4
Views
459
Office, email and business apps
ForgottenSeer 100397
F
Gandalf_The_Grey
    • Like
    • +Reputation
    • Wow
Beware: Hackers now use OneNote attachments to spread malware
Replies
3
Views
1,554
News Archive
spiritedawaymadmax
spiritedawaymadmax

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top