New data shows that archive files like ZIP and RAR have taken the lead over Word, Excel, PDF, and other office-type documents in attacks, growing in popularity by 11% last quarter.
For years, we’ve seen attackers take advantage of the scripting functionality found in Office documents (e.g., macros using VB and PDF support for java) to enable the download and execution of malicious content. But it was inevitable that attackers would move on – with so many security sources being vocal about disabling macros and scripting, attackers had to find a new way to sneak their malicious content in via email.
According to HP Wolf Security’s Q3 Threat Insights Report, archive files now represent 44% of the files used to deliver malware, overtaking Office documents, which were found in only 32% of attacks. Attackers are leveraging the inability of security solutions to open archives (especially those protected with a password provided as part of a phishing attack) to obfuscate their true intentions.
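A mail filter cannot read a password-protected ZIP, but it can still detect that the archive is encrypted and list the entry names, because standard ZIP encryption covers only the file data. The Python sketch below is an added example, not taken from the article or the HP report. It handles ZIP only; the function names, the verdict labels and the quarantine policy are assumptions made for illustration.

```python
import io
import struct
import zipfile

ENCRYPTED_FLAG = 0x1  # general-purpose bit 0: entry data is encrypted


def triage_zip(data: bytes) -> dict:
    """Report what a scanner can still learn from a ZIP it cannot decrypt."""
    report = {"is_zip": False, "encrypted": [], "readable": []}
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return report
    report["is_zip"] = True
    with zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Names sit in the central directory in clear text even when
            # the entry's content is encrypted.
            bucket = "encrypted" if info.flag_bits & ENCRYPTED_FLAG else "readable"
            report[bucket].append(info.filename)
    return report


def verdict(report: dict) -> str:
    """Assumed policy: anything the scanner cannot open is held for review."""
    if not report["is_zip"]:
        return "not-a-zip"
    if report["encrypted"]:
        return "quarantine-unscannable"
    return "scan-contents"


def build_sample(encrypted: bool) -> bytes:
    """Constructed sample: one-entry ZIP; 'encrypted' only sets the flag bit."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.html", "<html>constructed sample</html>")
    raw = bytearray(buf.getvalue())
    if encrypted:
        # Flags field: offset 6 in the local header, offset 8 in the
        # central directory header.
        for sig, off in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
            pos = raw.find(sig) + off
            (flags,) = struct.unpack_from("<H", raw, pos)
            struct.pack_into("<H", raw, pos, flags | ENCRYPTED_FLAG)
    return bytes(raw)
```
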
Additionally, according to the report, attackers are focusing more energy on improving their social engineering, brand impersonation, and their use of built-in OS capabilities (instead of downloading malicious tools) to improve their chances of a successful attack.
All this adds up to more phishing attacks, craftier scams, and more victims falling prey because they aren’t interacting with email with a sense of vigilance – something taught through Security Awareness Training – to ensure that every time an unsolicited email is received, the recipient treats it as malicious until proven otherwise.