Hacker Explains: How to Keep E-Mail Viruses Out of Your Net | Total Security

They are in Word documents, Excel files, even PDFs! But not every wrong click immediately leads to a virus infection: a hacker explains.

 



At a Glance:

·         Fraudulent e-mail attachments are booming. Often, your wallet is the primary target: ransomware sent by e-mail encrypts your data and only releases it for a ransom.
·         There are many avenues of attack: Sometimes hackers disguise dangerous ".exe" applications as harmless documents. Effective attacks are also possible using macros in Word documents, Excel files, and PDFs.
·         Newer software makes you a little more secure, because not every careless click immediately leads to infection. But if you ignore the first warning, the next click can let the virus in.
·         Ethical hacker Bernd Dettmers explains how you can arm yourself against the dangers.

Not every hacker has evil on his mind. Some even help companies. They hack companies on their behalf and thus identify security gaps. Bernd Dettmers is such an ethical hacker. His IT security company Net. e - Networks Experts GmbH is committed to protecting companies. Dettmers knows the tricks of cybercriminals and knows how companies can protect themselves effectively.

"Ransomware Trojans stuck in the attachments of alleged applications are currently very popular again," says the Ethical Hacker. The latest example is the Gandcrab ransomware, which is attached to alleged cover letters.

Well Camouflaged: Virus in an Application

But how much really has to go wrong for you to get infected with an e-mail virus? Is a single double-click enough? "In the Gandcrab case, the virus is in a .exe file in the attached zip archive," says Dettmers. For example, the malware has the unwieldy name "Application and curriculum vitae 03.09.2018.exe". It is easy to recognize: the .exe file extension reveals that it is an application, which carries a high risk when it comes from an unknown author.

The steps to infection: If you only unzip the zip file, nothing will happen to you. “If the .exe file contained in the zip archive is executed, for example by double-clicking, it is too late,” says Dettmers.

Often .exe files are visually well camouflaged. Given the icon of Acrobat Reader, for example, a virus looks like a harmless PDF. In addition, for many users Windows hides the file extension by default, so at first glance you cannot see what type of file it is. Only the icon, which can easily be faked, suggests whether it is a Docx file, a PDF, or a .exe file. The real file type only becomes visible when you open the file's properties.

Tip: You can display the file type permanently in Windows. To do this, open the folder and search options, click on View and look for the item in the list: Hide extensions for known file types. Now remove the tick from this checkbox.
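The following is an added example, not part of the original article: a Python sketch that inspects a zip attachment in memory, without unpacking or running anything, and flags members that are applications either by extension or by the "MZ" header Windows executables start with. The extension list, function names and sample archive are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows runs on double-click (a common subset, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".js", ".vbs", ".lnk"}


def triage_zip(data: bytes) -> list[dict]:
    """Inspect archive members in memory; nothing is written to disk or run."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            name = PurePosixPath(info.filename).name
            ext = PurePosixPath(name).suffix.lower()
            with archive.open(info) as member:
                is_pe = member.read(2) == b"MZ"  # DOS/PE header magic
            if ext in EXECUTABLE_EXTS or is_pe:
                findings.append({
                    "name": name,
                    # Roughly what Explorer shows while extensions are hidden.
                    "shown_as": name[: len(name) - len(ext)] if ext else name,
                    "executable_ext": ext in EXECUTABLE_EXTS,
                    "pe_header": is_pe,
                })
    return findings


def build_sample_zip() -> bytes:
    """Constructed sample: an inert stub with an 'MZ' prefix and a text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("Application and curriculum vitae 03.09.2018.exe",
                         b"MZ" + b"\x00" * 62)
        archive.writestr("cover letter.txt", b"Dear Sir or Madam, ...")
    return buf.getvalue()


if __name__ == "__main__":
    for finding in triage_zip(build_sample_zip()):
        print(finding)
```

The `pe_header` check matters because the icon and the visible name can both mislead, while the first bytes of the file show what Windows would actually run.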

Better Camouflaged: Macros in Documents

"An effective trick used by cybercriminals is to hide viruses and Trojans in macros within Word documents, Excel files, or even in PDFs," says IT specialist Bernd Dettmers. Macros are small programs embedded in a document that the Office application, for example, can run. If they contain malware, the computer is infected when they run. "Anyone who uses newer software is usually warned in good time that the document contains macros," explains Dettmers. With the latest Office programs or PDF readers, the first click does not lead to infection. However, if you ignore the subsequent warning and agree to activate the macros, you also activate the malware.

Beware of Outdated Software

Software and operating systems that are not up to date increase the risk of a successful attack. Take Microsoft Office as an example: "An old version of Office could load a document with a dangerous macro immediately without any additional warning and thus cause an infection as soon as a document is opened," says Bernd Dettmers. An old PDF reader could be just as dangerous, for example when a malicious PDF file instructs it to load content from the Internet. In that case the PDF does not contain a virus itself, but a control command that instructs the reader to download malware from the Internet. "A current reader would ask the user beforehand whether he should execute the command, an older reader might not," explains Dettmers. The security expert therefore advises:

·         Keep all programs such as Office applications, media players, Internet browsers and their plugins up to date.
·         You should also keep your operating system up-to-date at all times so that security gaps can be closed and your computer can be protected against newly discovered routes of infection.
·         Also, use good antivirus software and keep it up to date. "Antivirus software has its place," emphasizes Dettmers. Current ransomware such as Gandcrab is also added to the databases of many antivirus programs within a short time of its first appearance and is then recognized by them.
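As an added example (not from the original article), the sketch below checks a document's bytes for the two things described above before anyone opens it: a VBA macro project inside an Office file, and PDF names that trigger actions or point at URLs. The function names, the list of PDF names and the inert sample files are assumptions constructed for illustration.

```python
import io
import zipfile

# PDF name objects that trigger actions or point at URLs (a subset).
PDF_ACTIVE_NAMES = (b"/OpenAction", b"/AA", b"/JavaScript", b"/JS", b"/Launch", b"/URI")
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container


def active_content(data: bytes) -> list[str]:
    """Return reasons a document deserves a closer look before it is opened."""
    reasons = []
    if data.startswith(b"%PDF-"):
        # Plain byte search: names hidden in compressed streams are missed.
        reasons += [f"pdf name {n.decode()}" for n in PDF_ACTIVE_NAMES if n in data]
    elif data.startswith(OLE_MAGIC):
        reasons.append("legacy OLE file: needs an OLE parser to rule out macros")
    elif zipfile.is_zipfile(io.BytesIO(data)):
        # .docx/.docm/.xlsm are zip packages; VBA lives in a vbaProject.bin part.
        with zipfile.ZipFile(io.BytesIO(data)) as package:
            reasons += [f"vba project part {p}" for p in package.namelist()
                        if p.lower().endswith("vbaproject.bin")]
    return reasons


def build_samples() -> dict[str, bytes]:
    """Constructed, inert samples: no real macro code and no working PDF."""
    docm = io.BytesIO()
    with zipfile.ZipFile(docm, "w") as package:
        package.writestr("[Content_Types].xml", "<Types/>")
        package.writestr("word/document.xml", "<document/>")
        package.writestr("word/vbaProject.bin", b"constructed placeholder")
    pdf = (b"%PDF-1.4\n1 0 obj << /Type /Catalog /OpenAction 2 0 R >> endobj\n"
           b"2 0 obj << /S /URI /URI (https://example.invalid/) >> endobj\n")
    plain = b"%PDF-1.4\n1 0 obj << /Type /Catalog >> endobj\n"
    return {"cv.docm": docm.getvalue(), "cv.pdf": pdf, "plain.pdf": plain}


if __name__ == "__main__":
    for name, data in build_samples().items():
        print(name, active_content(data) or "no active content found")
```

An empty result is not a clean bill of health; it only means this simple check found nothing, so the sender checks and up-to-date software still apply.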

Stay Vigilant

But even if your operating system is up to date and your programs can save you from the last fatal click, Bernd Dettmers advises against opening suspicious files. After all, there is always a risk. Dettmers advises craftsmen to consider whether the sender is really trustworthy before the first click. To do this, ask yourself questions such as:

·         Is the e-mail written in clean German or does it look like it was generated automatically?
·         Is the salutation plausible?
·         Does the content actually relate to my company, my job posting, or does something not fit together?

You can also have suspicious files checked. The protegent360.com website offers this service, for example. Any user can upload a file and have Total Security test it. This makes it easy for the user to find out whether there is cause for concern.

Don't forget: "Make sure you sensitize your employees to the topic", warns IT specialist Bernd Dettmers. Share your findings on IT threats with your team. Only if the entire company has the same level of knowledge and keeps an eye on digital security can you effectively reduce the risk of falling victim to a cyber attack.
