Last Updated: 2016-08-28 22:07:38 UTC
by Guy Bruneau (Version: 1)
Some ways to protect against malicious email attachments:
- First step is to verify what your organization allows through the enterprise anti-malware gateway
- Delete or report to the security team any attachments which contains .exe but there are other files that can be malicious such as .bat, .cmd, .com, .cpl, .hta, .jar, .js, .msi, .pif, .reg. This list is not exhaustive
- Office or PDF documents received from unknown senders, they could contain malware
- Fake extensions or "double extensions" (i.e. .exe.jpg)
Last, obviously, nothing is foolproof, if unsure ask your security team to check the file.
 d4f9a9841d0b369dfe1a9a7f2f71a14e crlxa15dd4e.zip
 d1c5211c76b35b1bbc1b51b36a34228d 5042.zip
 8f690b5b5e2be8d242bf48dad4e2038e 5042.js
Guy Bruneau IPSS Inc.
gbruneau at isc dot sans dot edu