Whitepaper: Protection Against Blended E-mail Threats
Increasingly, a new attack vector is being used to lure users to download malware through methods other than e-mail attachments. Hackers using alternative channels to breach corporate IT systems are developing blended threats as a new tool of choice. E-mail blended threats use e-mail as the initial vehicle to launch the attack, without relying on attaching a virus to the e-mail itself. Examples include the use of HTML-based e-mails containing active content such as Java™, JavaScript™, or ActiveX™ or embedding URLs in the e-mail to link the user to Web sites where malware can be downloaded in the background often without user intervention. These attacks are missed by anti-virus products looking for malware attachments, and which have no ability to view the links and active content in the context of an end user, as well as by Web filters which may not block URLs based on malware, or not have yet viewed and rated a hacker’s newly-constructed Web site.
Some blended threats do not even require the user to click on links in the e-mail or visit a site. Active content embedded in the e-mail can be activated via the preview panel of the user’s e-mail program.
Avinti’s own research team has found up to 40% of all
e-mail contains URL links or active content, of which more
than 7% link the user to Web sites where malware is
downloaded to the user’s system.
As hackers are becoming more sophisticated, the use of new tools such as blended threats to obtain valuable financial and personal
information has increased. The use of blended threats that include URLs and active content in e-mail are undetectable by
traditional anti-virus products. The addition of Blended Threat Protection to Avinti’s iSolation Server makes it uniquely capable
of stopping these new threats quickly and effectively, before they reach the end user.
