Malicious Attachments Remain a Cybercriminal Threat Vector Favorite

2020-08-27 12:00

While attachment threat vectors are one of the oldest malware-spreading tricks in the books, email users are still clicking on malicious attachments that hit their inbox, whether it's a purported "Job offer" or a pretend "Critical invoice."

The attack vector is still widespread enough where tech giants are re-inventing new ways to try to stomp it out, with Microsoft just this week rolling out a feature for Office 365 that aims to protect users against malicious attachments sent via email, for instance.

"Email attachments, such as PDF or Office files, are an easy vector to deliver malicious content to end users," Mohit Tiwari, Co-Founder and CEO at Symmetry Systems, told Threatpost.

The 2020 Verizon Data Breach Investigations Report found that email attachment is a top malware vector that leads to data breaches, with almost 20 percent of malware attacks being deployed via email attachments.

While malware-laced attachments such as ZIPs, PDF, and MS office files are more commonly used attachments, researchers warn that threat actors are starting to look to newer attachments - like disc image files - as a way to increasingly spread malware.

News URL

https://threatpost.com/malicious-attachments-remain-a-cybercriminal-threat-vector-favorite/158631/

#cybercriminal #threat