Microsoft added to its list of file extensions Outlook will block as attachments–the number is up to 142 (here’s the list). Files with these extensions, they assert, are prone to being weaponized and used to transmit malicious code to infect the recipient’s device. The ban is in place to protect “you and your recipients against computer viruses.”
What leaves me shaking my head is that in the next breath Microsoft instructs you to use the “workarounds” they outline, without offering any warning that these workarounds can leave the recipient just as vulnerable to a cyber attack as an attachment would. The outlined workarounds include suggesting the sender rename the file, attach it to the message, and instruct the recipient in the body of the email to rename the attached file upon receipt so they can open it. (That one mystifies me the most.) The other two suggestions are to save the file to the cloud and share a link with the intended recipient or use compression software, like WinZip, to mask the file type in transit.
[Read: Google Calendar Phish Attacking Users’ Cybersecurity & Privacy]
So if the file type is considered enough of a threat to ban it from transit, why would a file cloaked to pass through the system be any less threatening when the cloak is removed at the destination? Not to go Trekkie here, but a cloaked Romulan ship becomes all the more threatening at its destination precisely because you didn’t see it coming.
I share this information because you have to know what phishing attacks look like in order to avoid them (e.g., being asked to rename a file and open it) and realize that there are ways to temporarily “cloak” a malicious file. It’s also good to be aware that the list of types of files that can be used to transmit malicious code is long and diverse, but don’t accept this list as definitive. For example, it does not include the RTF type, which handily avoids common security measures freelancers, solopreneurs, and even lean startups are likely to have in place (RTF obfuscation).
[Read: That Ad Blocker You Installed? #Malware.]
The upshot? You can still be phished with a WinZip or a renamed file or, of course, a link. Continue to apply the common sense guidelines for avoiding getting phished.
And last, but not least, don’t interfere with your Spam filter or other protective measures put in place to save you from bad actors. In the past week I have heard many tales of people getting phished who pulled the malicious email with its attachment out of their Spam folder to open the email and open the attachment. It’s like folks who climb over the safety rail at the scenic overlook or the zoo–what good can come from actively circumventing safety measures put in place to protect you? (None. The answer is None.)
To learn more about cybersecurity for individuals and small businesses, check out the Freelancer’s Guide to Cybersecurity and its list of resources.
One thought on “Microsoft Blocks 142 Potentially Malicious File Extensions”