Emails that claim to be “Urgent” are highly likely to contain malware as attachments a new report reveals. FireEye released a report (view it here) that details a list of top words used in phishing emails (those are emails that pertain to be from various legitimate sources with the intent of infecting the machine or conning the user to give out important information).
The attackers mainly use zip files to hide their malware, ultimately aimed at gaining access to valuable corporate and intellectual data. It appears very few corporate establishments block these kinds of executables, which FireEye’s research confirms.
Now, .ZIP files represent the vast majority, 76.91%, of advanced malicious files. The complexity of
these attachments, which can contain many distinct files and file types, coupled with a lack of
user awareness of the danger of these file extensions, has made them a highly effective means for
distributing malware and effectively exploiting systems.
PDFs also pose a significant threat. These file types are ubiquitous and familiar to just about every
computer user. Further, many users are unaware of the fact that malware can be distributed through
PDF files, and malware embedded in these file types is proving to be difficult for conventional defenses
to detect. For all these reasons, PDFs provide cybercriminals with a very effective means of attack.