There has been a tremendous increase in spam, phishing campaigns and malicious emails; various methods are used for inserting malware in the email attachments. In order to prevent yourself from being a victim of such attack, it has become extremely important to take all the proactive measures in order to get protection against such attacks that try to deceive the attachment scanning technologies.
For instance, it has been recently noticed that some leveraging techniques are used by the hackers and cyber thieves. These leveraging techniques prevent the virus scanners from analyzing the email attachment by making use of corrupted MIME headers or corrupted archives. Fortunately, there has been advancement in the scanning technologies that provide better protection against the malicious emails attachments.
Phishing and spam emails usually contain malicious attachments in direct sight or they may be covered or hidden in the zip/rar archives and Office documents as macros. If your computer has to be infected through an email attachment, the email often comprises of an executable file. These files can be detected through their file extension; be careful about the file extensions mentioned below:
‘exe’, ‘bat’, ‘com’, ‘cmd’, ‘cpl’, ‘js’, ‘jse’, ‘msi’, ‘msp’, ‘mst’, ‘paf’, ‘wsh’, ‘wsf’, ‘vbs’, ‘vbe’, ‘pscl’, ‘scr’, ‘lnk’
Most of the file extensions mentioned above are generally hidden within the zip archives in order to trick the spam filters.
Let’s have a closer look at some of the file extensions mentioned above:
.EXE : .exe is a Windows executable file and it is also one of the most damaging attachments that is received through an email. It is not a common phenomenon for people to send any executable file in the email as an attachment, therefore you must be cautious about such an email.
.MSI : .msi is an alternate format for Microsoft Installer that is used on Windows even though it is also possible to install the applications through a .exe file. Files with this extension might contain some malicious files coupled with another application thereby giving the impression that a legitimate application is being installed.
.JAR : JAR files are basically executable Java applications that work on the Java runtime environment to work on a specific machine. These files benefit from the vulnerabilities in the Java runtime environment and download or install malware on the computer.
.BAT : .BAT is a batch file that consists of a simple list of commands that are generally executed on the command prompt and used by the old MS-DOS.
.CMD : .cmd file extension is the same as the .bat file extension but the only difference is that .cmd is introduced in Windows NT. The effect is the same as the batch file.
.JS : .js is a JavaScript file that generally operates in the web browsers. Windows users do not have complete control over the OS and the OS runs the JavaScript files by itself with no sandboxing.
.VB/.VBS : These are visual basic script files that executes the embedded script code when it is run.
.PSC1 : This is a PowerShell script that is run on a Windows machine.
All the file extensions mentioned above are repeatedly used for spam and phishing activities and they can create a lot of damage to the unprotected computers.
How to protect yourself with SpamExperts?
The SpamExperts control panel consists of a feature known as ‘Block Dangerous Attachments’ that is present on the ‘Attachment Restrictions’ page in the default domain settings. On this specific page, all the file extensions mentioned above are blocked by default. When this feature is enabled, the zip archives are scanned three layers deep for detecting malicious applications. SpamExperts provides complete spam and virus filtering. MilesWeb has teamed up with SpamExperts to provide complete protection. SpamExperts has the capacity to filter 99% of the incoming emails before they reach your emails. SpamExperts can be used on any domain even if it is not hosted with MilesWeb. With SpamExperts an additional proactive security measure is added to your mail service that offers redundancy and ensures continuity.
