At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Archives Overtake Office Documents as the Most Popular File Type to Deliver Malware

    Taking the lead over the use of Word, Excel, PDF, and other office-type documents in attacks, new data shows that files like ZIP and RAR have grown in popularity by 11% last quarter.

    For years, we’ve seen attackers take advantage of the scripting functionality found in Office documents (e.g., macros using VB and PDF support for java) to enable the download and execution of malicious content. But it was inevitable that attackers would move on – with so many security sources being vocal about disabling macros and scripting, attackers had to find a new way to sneak their malicious content in via email.

    According to HP Wolf Security’s Q3 Threat Insights Report, archive files now represent 44% of the files used to deliver malware, overtaking Office document found in only 32% of attacks. Attackers are leveraging the inability of security solutions to open archives (especially those protected with a password provided as part of a phishing attack) to obfuscate the true intentions.

    Additionally, according to the report, attackers are focusing more energy on improving their social engineering, brand impersonation, and their use of built-in OS capabilities (instead of downloading malicious tools) to improve their chances of a successful attack.

    All this adds up to more phishing attacks, craftier scams, and more victims falling prey because they aren’t interacting with email with a sense of vigilance – something taught through Security Awareness Training – to ensure that every time an unsolicited email is received, it’s scrutinized by the recipient as being malicious first until proven otherwise.

    Free Ransomware Simulator Tool

    Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

    KnowBe4’s “RanSim” gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 22 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

    Here’s how it works:

    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 23 types of infection scenarios
    • Just download the install and run it 
    • Results in a few minutes!
    Get RanSim!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/ransomware-simulator-tool-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top