Stop Malicious Email Attachments
Published on 13 Aug 2022
Employees work with email attachments all the time, like when they read resumes, process invoices, get delivery notices, share financial statements, or work with outside parties on legal agreements. They often open them because they look safe. Cybercriminals are aware of this weakness and use it to their advantage.
Today's ransomware is often sent through email in the form of Microsoft Office or PDF files that have been hacked.
This is what cybercriminals do because it works. According to statistics from 2019, ransomware attacks cost businesses more than $7.5 billion.
Many legitimate applications, like the Microsoft Office Suite, are specifically whitelisted, but they can still be used to get around layered security and get a foothold in an organization from a single compromised host.
Even though malware detection is getting better, secure email gateways are getting better all the time, and user training is getting better, malicious email attachments are still getting through all the defenses and causing data to be stolen, lost, or even destroyed.
Traditional defenses just can't keep up with the sophisticated malware that spreads through email today.
We have the numbers:
- More than 90% of malicious email attachments can change into other things.
- .exe files spread 53% of viruses, 46% of hackers who spread
- Almost all malware is sent out through email.
Malware that is sent through email is cheap, effective, and always changing.
Here's what cybercriminals are doing right now that works:
- Ransomware encrypts the data on a victim's computer with a symmetric key, forcing the victim to pay the ransom or reimage the machine.
- It is common and is usually spread through malicious documents.
- Macro-enabled trojans drop malicious binaries on the host, which then connects to remote command-and-control servers to get more instructions and download more malicious code.
- Malware that doesn't leave files on the host uses tools like PowerShell to run commands without leaving any files on the host.
- Malicious links: These malicious links, which are hidden in seemingly harmless email attachments, are easy to get past multiple layers of security and cause a drive-by download or a browser exploit.
Hp Sure Click Enterprise Uses Application Isolation To Find Malware Hidden In Email Attachments.
Give users a virtual safety net against known and unknown threats by isolating high-risk content and providing actionable insights to help organizations improve their security. HP Sure Click Enterprise opens email attachments like Microsoft Office documents and PDFs in a separate micro-VM for security. This is done by using virtualization. Malware can start up and run, but it can't get to the endpoint or the network. Malware is trapped inside the micro-VM container, making it harmless to the user. When the user closes the email attachment, the malware is thrown away.
Enabling malware to run fully changes the culture of the help desk. Instead of complaining about IT security restrictions, end users are proud to report malware captures.
Download HP's whitepaper to learn more about Stop Malicious Email Attachments only on Whitepapers Online.