js file attachment malware detection.

Malware detection! Beware of .js file attachments

Have you ever received an email with a .js file as the attachment and wondered what it was? Well, you aren’t alone. The number of spam emails sent with .js file attachments is soaring; here at Spambrella more and more cases of malware detection are reported each month. These days, malware detection.

Bryan Burns, Vice President of Threat Research at Proofpoint offers a possible reason for this:

“Users have been trained to not click exe attachments, but many may not know what a “js” file is, or that it can be just as dangerous. The icon looks like a document which is somewhat confusing to users unfamiliar with this file type.”

What is a .js file and how can it be harmful?

A .js file is a one that has been written using the JavaScript programming language. JavaScript is commonly used on websites to make web pages interactive and dynamic. This type of programming is usually harmless, however, like many programming languages, JavaScript also has a ‘dark side’.

It can be used to spread malware on your computer when you open a malicious file. For example, opening up a .js file attachment in an email may prompt you to authorise an action or agree to some terms which then give the program permission to install and run on your machine.

Malware emails to watch out for

Many people know not to open file attachments from senders that they don’t recognise. Spam emails try to get around this by using a fear-factor to get you to open the attachment.

For example, you may receive an email from a company you don’t recognise thanking you for a payment, with an apparent invoice as an attachment. This is designed to make you think that your bank details have been hacked in order to force you to open the attachments to see how much money has been spent and what was purchased.

Similarly, they may tell you that you have won an amount of money, been refunded for a purchase or been given a tax rebate. They’ll often leave the exact amount a mystery so that you open the supposed ‘invoice’ or ‘receipt’ to find out.

In reality, all you will do is unleash the malicious, malware-infested files onto your computer.

In order to get around spam filters, the .js file may be contained in a .zip folder. When the .zip folder is opened and extracted, the user is then able to access and run the JavaScript programme.

As convincing as they can be, don’t let yourself fall for these scams. If you really are worried by the contents of an email, never open the attachments. Instead, log in to your online banking to see if any money has left or been added to your account.

SOURCES: