Over the past few weeks, J2 CSC malware and threat analysis has seen multiple methods used to introduce malicious content, exploits and phishing across our customer base, all of which were detected and stopped using the various tools at our disposal.
With email, the top types of attacks detected are phishing and malware. The largest category is emails with dangerous, malicious phishing content. Other threats included the common PDFDown-N attachments. These kinds of attachments try to steal your login credentials and will prompt you to enter confidential information when you open what appears to be a safe PDF. It has been interesting to see RTF exploits being detected at the gateway. These exploits leverage vulnerabilities in unpatched Office versions to execute a payload when the RTF file is opened in Microsoft Word.
“A payload is the part of the private user text which could also contain malware such as worms or viruses which perform the malicious action such as deleting data, sending spam or encrypting data”