Malwarebytes' Jerome Segura reports that emails with attachments that are not malicious executables but regular documents that have been exploited are still a big thing.
As far as malicious attachments go, the majority are zipped executables that often use the double extension trick (i.e. Invoice.doc.exe) and will directly infect a user’s PC as soon as they are ran.But there’s another type of malicious attachments, one that we seldom hear about, that may deceive a lot of people and sneak by your antivirus: regular documents that have been exploited.
Just a couple of days ago, we spotted a new wave of spam emails spewing malicious PDF files. The decoy, which purports to be an invoice, is directly attached to an email targeting small businesses:
Scan of Malicious PDF Link Email Attachment-
Virustotal Scan results
fake Amazon invoice
This is what happens in the background
0 comments:
Post a Comment