HTML Tags

Some HTML tags are potentially dangerous to the extent that they can install ransomware.

Base HTML Tag link

A vulnerability known as baseStriker allows hackers to send malicious emails that bypass security systems

. HTML JS Redirect Attachment

HTML file attachments have been used to deliver malcode (usually via embedded Javascript) to endpoints. Your Email Security Gateway should protect you by removing or disarming the .HTML attachment.

RFC-Abused HTML Attachment

A Request for Comments (RFC) is a formal document from the ‘Internet Engineering Task Force’ (IETF), which sets Internet standards. If your email script's coding is not RFC compliant, mail servers should reject the email.

Our tests check the ability of your Email Security Gateway to detect threats in the message content.

Happy Christmas!

Email spoofing is the creation of email messages with a forged sender address. Hackers use this technique to launch a phishing attack on as many employees as possible.

Most email providers don't allow you to send executable or ".exe" files as, while many may be legitimate, they can be malicious and used to spread malware.

Test your system with an absolutely harmless file to see what could get through.

You’re probably covered by your current provider.  What’s peace of mind worth?

Test it out with this well-known code, known by all antivirus systems, to reassure yourself that your antivirus is functioning.

How well is your current email security protecting you from hidden malware URL’s in real-time, so that 0-day threats are blocked as soon as they’re detected?

This harmless email test will let you know.

Microsoft Outlook for Windows uses HTML comments as the conditional rendering engine. That means an attacker could exploit this feature by storing, for example, bad links in comments that are usually ignored by other email clients.

Our harmless test checks the ability of your email security solution to detect threats in the message content.

The zero width space (ZWSPs) is an Unicode character. It's white space, but renders with zero width so you don't see it.

This email tests the ability of your Email Security Gateway to detect zero width spaces used to bypass security features.

Active PDF

Adobe PDF Reader (and possibly other readers) contains a Javascript engine similar to the ones used by web browsers. This means that PDF documents are not purely static and may be used to fool a user (pop-up’s) or to send e-mails and HTTP requests automatically. To focus your minds, many recent vulnerabilities have been exploited using Javascript in PDF.

PDF with malicious text link

PDF files can contain text, images and links - or what we call a text link. Spammers increasingly use a PDF's ability to embed hyperlinks into documents so that recipients open malicious Web sites.
Our test automatically detects such text links making them active so you can just click on the link.

Attachment

Cybercriminals will employ new and even older techniques to compromise users and enterprises for profit. JavaScript malware in malspam campaigns are not new, but remain dangerous because it may no longer require executables or further interactions with the user to be launched.

Using Microsoft documents to deliver a payload is as old as Office itself and, over the years, many different attack vectors have been exploited.

Our test strips them out

Business Email Compromise (or Whaling) fraud is a phishing attack where the sender impersonates an executive, (often the CEO), and attempts to trick the victim into transferring funds or sensitive information.

Macro-formulas allow writing code by entering statements directly into cells, just like normal formulas. The macro-formulas that allow executing malicious code are named EXEC, RUN and CALL.

Also indirect formula generation is possible through the FORMULA.FILL statement, which creates a formula by gathering data from lots of different cells and making some transformations.

Our harmless test shows you if you’re protected.