Following on from our previous post about the State of Malware report from Malwarebytes last week, the Microsoft Malware Protection Center has released a new warning: malware distributors are now using less suspicious and less familiar file types to make their emails look more genuine, and so convince more users to open the files.
PDF, Word, Excel and even PowerPoint are all very common file types for malware operators to target, so it’s very important that anyone receiving what looks like a fake email is very cautious about opening any website links and/or attached files without being sure that the sender is genuine. This new wave of spam emails has switched things up a notch and started to use .LNK files located inside ZIP archives in an attempt to get users to open them. Once opened, the .LNK files execute malicious PowerShell scripts that, in this case, download and install the Kovter click fraud Trojan on the user’s computer.
As always, caution must be the watchword for any email you receive that isn’t from a known sender or source, especially if it has attachments and/or hyperlinks within. LNK files in particular are not known to the majority of regular internet users, and aren’t typically the type of file used to send details on to others, so anything like this will definitely be suspect!
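
For administrators who filter mail, the delivery method described above (a .LNK shortcut inside a ZIP attachment) can be checked for before a message reaches the inbox. The sketch below is an added example, not code from Microsoft or Malwarebytes; the function names and the sample archive are constructed for illustration, and the header bytes are those of the standard Windows Shell Link format.

```python
import io
import zipfile

# Shell Link header: HeaderSize 0x0000004C followed by the LinkCLSID
# 00021401-0000-0000-C000-000000000046, stored little-endian.
LNK_MAGIC = bytes.fromhex("4c000000" "0114020000000000c000000000000046")


def find_lnk_entries(zip_bytes):
    """Return (name, reason) for every archive member that looks like a shortcut."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            by_name = info.filename.lower().endswith(".lnk")
            try:
                with zf.open(info) as member:
                    by_magic = member.read(len(LNK_MAGIC)) == LNK_MAGIC
            except RuntimeError:
                # Password-protected member: content unreadable, rely on the name.
                by_magic = False
            if by_name and by_magic:
                findings.append((info.filename, "lnk extension and header"))
            elif by_name:
                findings.append((info.filename, "lnk extension"))
            elif by_magic:
                findings.append((info.filename, "lnk header under another extension"))
    return findings


def build_sample_zip():
    """Constructed sample: header bytes plus zero padding, not a working shortcut."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.pdf", b"%PDF-1.4 placeholder")
        zf.writestr("Delivery-Details.lnk", LNK_MAGIC + b"\x00" * 56)
        zf.writestr("notes.txt", LNK_MAGIC + b"\x00" * 56)
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in find_lnk_entries(build_sample_zip()):
        print(f"BLOCK {name}: {reason}")
```

Checking the header as well as the file name catches a shortcut that has been renamed to another extension; archives nested inside the ZIP are not unpacked by this sketch.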