Byte of Prevention Blog

Hackers Use MS Office Files to Deliver Malware

Pin on Pinterest Share on Google+ Share on LinkedIn

If you use Microsoft Office, you’re using the vehicle of choice for email hackers.

Microsoft Office formats like Word, PowerPoint and Excel are the favored file extensions for transmitting malware via email, accounting for 38 percent of cyber attacks. The next most popular delivery method: archived files such as .zip and .jar, which account for about 37 percent of malicious transmissions.

Rounding out the top three email threats are PDF files, accounting for nearly 14 percent of malicious file extensions.

Those are some of the findings from the Cisco Annual Cybersecurity Report.

Another study, the 2018 Hiscox Cyber Readiness Report, found that close to 75 percent of businesses worldwide (including law firms) are unprepared for a cyber attack. Only 11 percent were deemed to be cyber-safe.

Lawyers Mutual makes sure you stay on top of risks and threats that can affect your practice. Our Byte of Prevention blog brings you important news and updates. Our website contains a wealth of Practice Guides, checklists and resource links. And our Client Services Team is available to answer questions you and your team may have about cybersecurity.

Cyber Takeaway #1: Almost all malware is delivered in one of three ways.

According to the Cisco study, the Top 3 malicious file extensions – MS Office, archive files and pdfs – account for nearly 90 percent of email malware.

“That adversaries heavily employ archive files is not surprising, as they have long been favored places for malware,” according to the Cisco report. “Users must open archive files to see the contents—an important step in the infection chain for many threats. Malicious archive files also often find success in foiling automated analysis tools, especially when they contain threats that require user interaction for activation. Adversaries will also use obscure file types, such as .7z and .rar to evade detection.”

Cyber Takeaway #2: Social engineering is a launchpad for email attacks.

“Phishing and spear phishing emails were at the root of some of the biggest, headline-grabbing breaches in recent years,” the Cisco report says. “In 2017, tens of thousands of phishing attempts were reported monthly to the community-based, anti-phishing threat intelligence services included in our analysis. Threat actors in the phishing and spear phishing game are continuously refining social engineering methods to trick users into clicking malicious links or visiting fraudulent web page and providing credentials or other types of high value information. User training and accountability, and the application of email security technologies, remain crucial strategies for combatting these threats.”

Cyber Takeaway #3: Here are the common tactics used by email scammers.

  • Domain squatting: Domains named to look like valid domains (example: cisc0[dot]com).
  • Domain shadowing: Subdomains added under a valid domain without the owner’s knowledge (example: badstuff[dot]cisco[dot]com).
  • Maliciously registered domains: A domain created to serve malicious purposes (example: viqpbe[dot]top).
  • URL shorteners: A malicious URL disguised with a URL shortener (example: bitly[dot]com/random-string). Note: In the data we examined, Bitly.com was the URL-shortening tool adversaries used most. Malicious shortened URLs represented 2 percent of the phishing sites in our study.
  • Subdomain services: A site created under a subdomain server (example: mybadpage[dot]000webhost[dot]com).

Source: Cisco Report

Cyber Takeaway #4: Cyber insurance offers key protection.

According to the Hiscox report, one-third of businesses (including law firms) currently have standalone cyber coverage, while another 25 percent say they plan to purchase coverage in the coming year. That means 60 percent of businesses have – or will soon have – cyber protection.

Want to know how cyber insurance can protect your firm? Would you like to get a free quote? Contact Lawyers Insurance, the NBCA endorsed agency, today.

Lawyers Mutual is the only legal professional liability insurance company that has been protecting North Carolina lawyers continuously since 1977. Our motto, “Here Today, Here Tomorrow,” is more than a tagline. It’s our commitment to the lawyers in this state.

Related Posts

LM Portal Access your LM Portal for policy information and forms.
Need Insurance? See the difference service can make.
Payment Due? Make an online payment now.
Lawyers Mutual NC Logo

Get In Touch

Lawyers Mutual Insurance Company
1001 Winstead Drive, Suite 285

Cary, NC 27513

919.677.8900
 | 
1.800.662.8843

Fax: 919.677.9641

Latest Alerts

The Corporate Transparency Act: What North Carolina Law Firms Need to Know

Lawyers Mutual has published previous alerts regarding the new filing requirements under the Corporate Transparency Act (“CTA”) that went into effect January 1, 2024. After reviewing additional resources, we want to emphasize concerns that we have about the risks and increased potential liability for lawyers undertaking the reporting requirements. This is especially true for the continuing reporting requirements after entity formation and initial reporting.  

Learn More

eCourts Expansion Announced for 2024

The North Carolina Administrative Office of the Courts (NCAOC) recently announced additional go-live plans for counties transitioning from paper files to Enterprise Justice (Odyssey), which currently serves Harnett, Johnston, Lee, Mecklenburg and Wake counties. Twelve northeastern counties comprising Track 3, as previously announced, will go live on February 5, and 10 counties comprising Track 4 (Alamance, Chatham, Durham, Franklin, Granville, Guilford, Orange, Person, Vance and Warren) will go live on April 29.   

Learn More