Skip to main content

Beware: Malicious email attachments are making a return

Email danger isn't new, and we've all been (hopefully) vigilant for years. Don't open attachments is the general rule, though there are some obvious exceptions - the person confirms they sent it to you.

Otherwise, a message from someone you know may very well not have not been sent by them - I got one a few days ago from a company contact and it had a file attached. Don't open it! When I inquired she replied to me that the address had been hacked.

Absolutely nothing I've just said will protect my kids or parents - they will happily click away. The problem is, these things seemed to go away, at least mostly, but now they are on the comeback trail according to a new report.

Web links had become the new darling vector for attack, as cybercrimminals moved along with the times. Now, according to Security Intelligence, the old email trick is coming back into vogue. "Attachments can evade many of the defenses erected against malicious URLs. And in the social media age, they can be targeted to thousands of users and spread across networks within hours", the report claims.

CIO Insights reports that "Malicious attacks have shifted from URL-based campaigns, which dominated last year, to campaigns that rely on attachments to deliver malware payloads".

The blame seems to be with targeted attacks, something that has developed in recent times. This is spear phishing, and it's less generic than older methods that tended to be much easier to ignore.

Security Intelligence concludes that "By tracking large volumes of traffic, dynamic and predictive malware analytics can identify malicious attachments based on suspicious patterns that previously would have eluded detection".

In other words, it's still a jungle out there, but modern technology, including Big Data, is doing its best to tame that mess.

Image source: Shutterstock/bluebay