Think twice before opening a suspicious email attachment

Manama : E-mails with attachments intended to steal your personal and financial data are on the rise, according to a recent report.

The report by Kaspersky Lab says that the use of e-mails to target people could be due to the enhanced security features browsers have as protection against infected and phishing websites. Also, the e-mails provide a very personal mode of communication, which enables cyber attackers to gain trust of their targets.

The e-mails contain an impressive list of attachments, including executable EXE files and office documents (DOC, DOCX, XLS, RTF) with embedded malicious macros, and programs written in Java and Javascript (JS files, JAR, WSF, WRN, and others), the report notes.

Also, the emails use different languages tailored to the targets’ probable familiarity. In addition to English, many other languages including Russian, Polish, German, French, Spanish, and Portuguese were reported to be used.

Imitations of unpaid bills notifications as well as business correspondence were commonly used and the attached files in many cases were Trojan downloader, says the report.

“Particular attention should be paid to emails containing Trojan downloaders that download the Locky encryptor. The attackers exploited a variety of file types to infect victim computers: at first they used DOC files with malicious macros, then JS scripts. In order to bypass filtering, the attackers made every malicious file within a single mass mailing unique. In addition, the emails had different content and were written in different languages. This doesn’t come as much of a surprise as attacks utilizing this encryptor were registered by Kaspersky in 114 countries around the world, “ the report warns.

The content of e-mails with Locky encryptor was mostly related to financial documents and thus added reason for the targets to fall victims to the attacks.

Another ruse used to trap users is to generate the fear of terrorist attacks among them and to suggest downloads that can forewarn them about explosive devices.

“In order to prevent terrorist attacks, security measures in many countries have been enhanced, and malicious spammers have been quick to take advantage. They try to convince recipients of mass mailings that a file attached in an email contained information that would help a mobile phone owner detect an explosive device moments before it was about to detonate. The email claimed the technology came from the US Department of Defense, and was easy to use,” the report says.

“Some emails were sent on behalf of US soldiers who were fighting against terrorism in Afghanistan and were looking for an intermediary to save and invest money for them. Yet another author claimed that he had not joined ISIS or any another terrorist organization, but as a Muslim he wanted to donate a large sum of money for good deeds. Another story was written on behalf of an American businessman who had lost half his business in Syria and Iraq because of the war and terrorism, and was looking for a partner to help him invest the remaining money.”