AppRiver Blog

Something Wicked This Way Comes – To Your Inbox

Hackers are smart – and only getting smarter. They are continually honing their attacks and searching for the weakest link – and oftentimes that is a company’s employees.

Read More

BEC Attacks Evolving - Phishing via XPS Files

We've seen it time after time, malicious actors routinely attempt to confuse recipients of messages with obscure or lesser-utilized file extensions.

Over the past month, some phishing attempts using xps files instead of the typical pdf or doc/docx formats have been captured by our filters.  The xps file format is...

Read More

Think Your Business is Safe From Hackers?

Hackers are always on the lookout for easy targets. Make sure your business doesn't become one.

Read More

Office 365 Business Email Compromise Attacks Proliferate

Office 365 Business Email Compromise Attacks

The Office 365 (O365) platform has experienced tremendous growth and there is no sign of that trend slowing.  More businesses than ever reside with - or plan to migrate accounts to - the expanding Microsoft Business or Enterprise services. Scammers have taken notice and have...

Read More

Warning! Trojan Droppers Exploiting Symbolic Link (.SLK) Files

Trojan Droppers Exploiting Symbolic Link Files

Malicious actors routinely attempt to confuse recipients of messages with obscure file extensions to load malicious files on the victims machine.

For most users the .slk file is recognized in Microsoft Office software as an Excel file. However, as detailed here, it also is...

Read More

Necurs Botnet Launching Massive Ransomware Attacks

****Update: 12/29/2017 9 A.M.****

Necurs botnet operators continue to show unpredictability. Following the afternoon blog update yesterday they turned up the volume.  It ended up being our highest volume day of the year originating from the massive botnet.  We blocked 49,784,485 million ransomware messages destined to...

Read More

Assassination Threats Demand Bitcoin Ransom

Assassination Threats Demand Bitcoin Ransom

Processing more than a billion messages a month we tend to see the good, bad, and ugly emails of the internet. It's pretty rare a message will raise our eyebrows or fall into a "disturbing" category, especially for our team that sees the whole range of the underworld daily.

Read More

Move over Macros, Office DDE exploits arrive

Move over macros, Office DDE exploits arrive!

Office macros have been the primary choice of attacks by malicious actors for years.  IT administrators and users have learned to be cautious before running macros. The Dynamic Data Exchange (DDE) protocol has been around much longer but hadn't been used for attacks.  It's a...

Read More

Harvey Scam email appears, more on the way

Harvey Scam Example

After every large news event or natural disaster we see the associated scam emails.  The first Harvey scam email we've seen showed up the afternoon of Aug. 30.  It is a bit surprising it took that long for it to appear, we've been watching closely.  Unfortunately many more scam emails and registered...

Read More

Social Engineering Attack Escalation

Attack Overview and Statistics

SANS Institute conducted a survey on how attackers were able to compromise user devices.  They found 74 percent entered via an email attachment or email links, 48 percent from web based drive-by or download, and 30 percent through application vulnerabilities.  Phishing (72 percent), spyware...

Read More