Malicious email attachments that infect Windows

To stay safe on the internet, one must learn to recognize the malicious attachments commonly used in electronic phishing for the distribution of malware.

When distributing malware, hackers create malicious campaigns that pretend to be invoices, invitations, payment information, shipping information, eFaxes, voicemails and more. These e-mails include malicious Word and Excel attachments or links to them, which, when opened and activated macros, install malware on a computer.

BazaarLoader

BazarLoader is a malware that targets companies and was developed by the same team behind the TrickBot trojan. During installation, hackers use BazarLoader / BazarBackdoor to remotely access your computer, which is then used to compromise the rest of your network.

Dridex

Dridex is an advanced and modular first spotted in 2014 and constantly updated.

When it infects a machine, Dridex downloads various modules that can be used to steal passwords, gain remote access to a computer, or perform other malicious activities.

Emotet

The Emotet is the most common malware through spam emails that contain malicious Word or Excel documents. Once it infects a machine, Emotet steals the victim's email and uses the infected computer to send spam to recipients worldwide.

The infected with Emotet will eventually be further infected with trojans like the TrickBot and QakBot. Both Trojans are used to steal passwords, cookies, files, and gain access to an entire organization's network.

QakBot

QakBot, or QBot, is a banking trojan that spreads via phishing emails containing malicious Microsoft Word documents, usually in .

QakBot is a modular Trojan that includes the ability to steal banking information, install other malware, or provide remote access to an infected machine.

summarizing

Finally, you should never open attachments that end with the .vbs, .js, .exe, .ps1, .jar, .bat, .com, or .scr extensions, as they can be used to execute commands on a computer.

As most email services, such as Office and Gmail, block “executable” attachments, malware distributors send files compressed to be protected with access. The password is included in the email.

Unfortunately, Microsoft has decided to hide file extensions by default, which allows malicious users to defraud their victims.

If you receive an email containing one of these file types, it is almost certainly malicious and should be deleted immediately!

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.082 registrants.

Emailwindows

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).