Phishing emails with malicious attachments or links are a favorite of the cybercriminal.
This is when the scammer sends an email pretending to be from a legitimate organization in an attempt to trick you into clicking a boobytrapped file. These types of attacks can be a very effective tool for fraudsters, especially in tricking the untrained eye.
But among all the file types that can be used for duping potential victims, this well-known format is the most popular for cyberattacks. Read on and you might be surprised.
This file type is a hacker favorite
Based on a report by Barracuda Networks, the PDF is the most used file type in cyberattacks. Nearly 41 million PDFs were found to be part of an attack in the last three months alone. That’s staggering!
Scammers typically send these malicious PDFs via phishing emails or links to their targeted victims, hoping to trick them into clicking the attachment.
They can be disguised as anything really. From receipts, delivery notices and invoices to eBooks and application forms, the trickery knows no bounds.
If you fall for a malicious PDF, the consequences can be severe. You and your organization can be infected with ransomware. Your files and data can be stolen. Hackers can install keyloggers, spying software, web hijackers and even take complete control of your computer.
Other file types to watch out for
The PDF format may be the most popular among cybercriminals but it is not the only exploitable file type.
Data formats such as RFTs and Office files like Word documents (.doc, .docx, etc.) and Excel (.xls, .xlsx, etc.) are also used for harboring malicious scripts and macros. According to Barracuda Networks, of the 70 million Office documents it has scanned in the last three months, it has detected more than 4.7 million malicious files.
Compressed file formats like ZIPs and RARs are the other popular file types for hiding malware. It is no wonder most companies are filtering and outright banning these formats out from their emails.
How to protect yourself
This is why it’s so important to be cautious about attachments or links you receive, even the ones that seem to be from a source you know and trust.
If you weren’t expecting an attachment file, but it came from someone you know, check with them before downloading it. If it’s from someone you don’t know, delete it. Legitimate companies don’t normally send unsolicited messages with attachments.
In addition, organizations should educate their employees about the dangers of clicking on suspicious attachments and links.
Beware of Office files that ask you to turn on macros, too. Contact the person who sent it and find out why it needs macros to work. It’s a good practice to disable macros anyway by default.
Always ensure that you have a reliable and secure backup of your files, too. This allows you to recover your data when malware disasters strike and will have you up and running in no time. For your online backup needs, we recommend IDrive.
In other news, hackers spreading malware through digital copies of ‘Fire and Fury’
Hackers tend to exploit popular trends too. We’re talking about the recently released book dealing with the Trump White House called “Fire and Fury.” It’s reported to be spreading malware. Click here to read more.