Back to Attack Glossary

Malware

What are Malware Attacks?

The purpose of a malware attack is to install malicious software on a victim’s computer. Short for “malicious software,” malware is a file or code that can be used to conduct any type of harmful behavior the attacker designs.

How Does a Malware Attack Typically Work?

Like other types of cyber attacks, malware is disproportionately delivered through email, but can also be distributed using other methods, such as Remote Desktop Protocol (RDP) access and drive-by downloads from compromised websites. There are many kinds of malware, but most attackers use malware to infect, explore, steal, and exfiltrate data from their victims. Some of the more common types of malware distributed through email include the following:

  • Ransomware: Any type of extortion malware that locks your computer and demands payment in exchange for freeing your systems.

  • Remote Access Trojan (RAT): Malware that allows an attacker to take control of a victim’s computer.

  • Spyware: Malware that collects data and/or information without a person’s consent, which may include keyloggers, information stealers, or adware.

  • Trojan: A piece of malware that disguises itself as a legitimate application, such as a Word document or Excel spreadsheet.

Why Does Malware Bypass Traditional Email Security?

Sophisticated threat actors can couch malware in a seemingly normal email. While traditional email security can detect an obviously malicious attachment, attackers can hide the malware and trick victims into accessing it.

For example, an email may contain a legitimate-looking URL, but that URL redirects to a malicious site. Or it’s a harmless-looking document with instructions to download a form, which is in reality a malicious file. Traditional email security won’t spot anything suspicious in these emails.

Attackers can send such emails with a plausible story that tricks victims into interacting. When malware is hidden and sent alongside legitimate requests, or when it is part of a multi-step process, it can be difficult for targets to spot the danger.

How Can Modern Email Security Detect Malware?

Attackers send hidden malware alongside social engineering tactics to trick a victim into interacting with it. Modern email security can scan emails for suspicious links and attachments and detect suspicious requests that are a cornerstone of malware delivery—even when they use never-before-seen URLs.

Suspicious requests often come with manufactured urgency, and behavioral-based email security can detect these tone and context irregularities. Spoofed email addresses and rewritten URLs are also hallmarks of malware attacks that modern email security detects. When combined, these indicators provide enough insight to block these malware attacks.

Recent Examples of Malware Attacks

Malware Attack Features Impersonation of Attorney and Malicious Attachment Disguised as Subpoena
See Attack Details
Attacker Utilizes Calendar Attachment and Fake Cryptocurrency Payment to Spread Malware
See Attack Details
Likely AI-Generated Microsoft Impersonator Sends Fake Attachment in Malware Attack
See Attack Details

Get the Latest Email Security Insights

Subscribe to our monthly newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get the Latest from Abnormal Intelligence

©2024 Abnormal Security Corp. All rights reserved.