Are You Still Using Email to Transfer Files? Be Alert to the Risks It Brings!

E-mail is still the most popular attack medium. Legitimate e-mails are attacked during transmission and hijacked in complicated ways, while phishing emails try to deceive people with fake addresses, which is a typical phishing attack (e.g., Valak virus software).

How to respond to the chain attach via email?

Virus software purchases an email account through the email response chain. Attackers use phishing, violence or social engineering to access one or more email accounts, and then start to observe the conversation, and seek opportunities to send malicious software or malicious links to one or more participants in the ongoing communication chain.

What types of malware use response chains as attack vectors?

In 2017, the attack on the email response chain was first discovered. In 2018, Gozi ISFB/Ursnif Banking Trojan horse activities also began to use this technology; In other cases, attackers break legal accounts and use them to take over existing threads and spam attacks on other recipients. Malicious attachments can use VBScript and PowerShell to transfer workloads, such as emote, Ursnif, and other loaders or bank trojan malware.

Ordinary fraudulent emails are usually sent in the form of topics or short messages, which are easy to identify and have less chance of being deceived. However, attacks through e-mail response chains are often carefully considered, without grammatical errors and with clear semantics. This means that even the most cautious and well-trained employees may become victims.

Four methods to prevent email response chain attack

Since the response chain attack is based on account compromise, it should be ensured that all employees of the company follow the verified security procedures. These include two-factor or multi-factor authentication, with a password set for each account.

Secondly, the use of Office macros should be restricted or completely prohibited as much as possible. Although these are not the only means by which malicious attachments may endanger devices, macros are still common attack vectors.

Introducing safety awareness training is of great help to train employees to understand the dangers of phishing. E-mail users need to raise people's awareness of phishing attacks and how attackers develop their technologies.

Information assets are very valuable for enterprises, so it is better to deploy a data transfer solution as soon as possible instead of preventing this and that. Raysync adopts self-developed transfer protocol, which can help enterprises to quickly distribute large files or massive small files, and can provide the highest transfer speed with minimum system overhead regardless of the distance of transfer or the strength of network conditions; Security is also the focus of Raysync. The whole process of file transfer adopts financial AES-256 encryption transfer to ensure data security. The mechanism of breakpoint continuous transfer and error automatic retransfer ensures that the transfer can continue from the breakpoint after unexpected interruption of transfer, ensuring the integrity and reliability of file transfer, and monitoring the whole process log to ensure considerable, searchable and traceable data.