Archives Overtake Office Documents as the Most Popular File Type to Deliver Malware

Stu Sjouwerman | Dec 7, 2022

Popular File Types MalwareTaking the lead over the use of Word, Excel, PDF, and other office-type documents in attacks, new data shows that files like ZIP and RAR have grown in popularity by 11% last quarter.

For years, we’ve seen attackers take advantage of the scripting functionality found in Office documents (e.g., macros using VB and PDF support for java) to enable the download and execution of malicious content. But it was inevitable that attackers would move on – with so many security sources being vocal about disabling macros and scripting, attackers had to find a new way to sneak their malicious content in via email.

According to HP Wolf Security’s Q3 Threat Insights Report, archive files now represent 44% of the files used to deliver malware, overtaking Office document found in only 32% of attacks. Attackers are leveraging the inability of security solutions to open archives (especially those protected with a password provided as part of a phishing attack) to obfuscate the true intentions.

Additionally, according to the report, attackers are focusing more energy on improving their social engineering, brand impersonation, and their use of built-in OS capabilities (instead of downloading malicious tools) to improve their chances of a successful attack.

All this adds up to more phishing attacks, craftier scams, and more victims falling prey because they aren’t interacting with email with a sense of vigilance – something taught through Security Awareness Training – to ensure that every time an unsolicited email is received, it’s scrutinized by the recipient as being malicious first until proven otherwise.

Topics: Malware

Test Your Network’s Defenses with our Free Ransomware Simulator

When employees bypass guidance and fall for social engineering, your network security is the last line of defense. Run our 100% harmless RanSim tool on Windows 10+ workstations to safely simulate 25 ransomware and cryptomining infection scenarios, pinpoint technical vulnerabilities, and get your results in minutes.

Launch Your Free Ransomware Simulation

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.