iGuRu.gr New Technology in Real Time. Views & Tweaks

New Technology in Real Time. Views & Tweaks

home / News / Malicious email attachments that infect Windows

Malicious email attachments that infect Windows

in News

To stay safe on the Internet, one must learn to recognize malicious attachments commonly used in phishing emails to distribute malware.

Screenshot 2020 10 12 The most common malicious email attachments infecting Windows4 - Malicious email attachments infecting Windows

When distributing malware, hackers create malicious campaigns that pretend to be invoices, invitations, payment information, shipping information, eFaxes, voicemails and more. These e-mails include malicious Word and Excel attachments or links to them, which, when opened and activated macros, install malware on a computer.

BazarLoader

BazarLoader is a malware that targets companies and was developed by the same team behind the TrickBot trojan. During installation, hackers use BazarLoader / BazarBackdoor to remotely access your computer, which is then used to compromise the rest of your network.

Screenshot 2020 10 12 The most common malicious email attachments infecting Windows - Malicious email attachments infecting Windows

Dridex

Dridex is an advanced and modular banking Trojan that was first detected in 2014 and is constantly updated.

When it infects a machine, Dridex downloads various modules that can be used to steal passwords, provide remote access to a computer, or perform other malicious activities.

Screenshot 2020 10 12 The most common malicious email attachments infecting Windows1 - Malicious email attachments infecting Windows

Emotet

The Emotet is the most common malware through spam emails containing malicious Word or Excel documents. Once it infects a machine, Emotet steals the victim's email and uses the infected computer to send spam to recipients worldwide.

Users infected with Emotet will eventually be further infected with trojans such as TrickBot and QakBot. Both Trojans are used to steal passwords, cookies, files, and gain access to an entire organization's network.

Screenshot 2020 10 12 The most common malicious email attachments infecting Windows2 - Malicious email attachments infecting Windows

QakBot

QakBot, or QBot, is a banking trojan that spreads through phishing containing malicious Microsoft Word documents, usually to businesses.

QakBot is a modular Trojan that includes the ability to steal banking information, install other malware, or provide remote access to an infected machine.

Screenshot 2020 10 12 The most common malicious email attachments infecting Windows3 - Malicious email attachments infecting Windows

summarizing

Finally, you should never open attachments that end with the .vbs, .js, .exe, .ps1, .jar, .bat, .com, or .scr extensions, as they can be used to execute commands on a computer.

As most email services, such as Office and Gmail, block "executable" attachments, malware distributors send compressed files to password protect them. The password is included in the email.

Unfortunately, Microsoft has decided to hide file extensions by default, which allows malicious users to defraud their victims.

If you receive an email containing one of these file types, it is almost certainly malicious and should be deleted immediately!

Spread the news

Reader Interactions

Comment Policy:

IGuRu.gr does not post comments directly. Malicious comments, comments that include ads, or comments with insults are deleted without any notice. We do not adopt the views expressed by our readers.
Your comments will be displayed after approval by the administrators

Απάντηση