Block e-mail file attachments

To help prevent social engineering threats from getting through to your end users, contributor Tony Bradley explains how you should filter or restrict e-mail file attachments.

The following tip is one of six steps to help you protect Windows systems from bi-modal attacks. Click to return to the main page.

Malware is commonly spread through an infected e-mail file attachment. A user is duped into executing the file attachment, infecting his system and unleashing the threat on the internal network.

To minimize such social engineering threats, you can filter or restrict e-mail file attachments. Some e-mail clients, including the current versions of Microsoft's Outlook and Outlook Express, are preconfigured to deny known executable file types. At the very least, readily executable file types such as EXE, COM, PIF, BAT and others should be blocked at the mail gateways so they never get to the client machine. Many companies have created policies to only allow ZIP file attachments. This is slightly more secure, but viruses can still spread through these file attachments.

More information:

  • Tip: Keep attackers from phishing in your waters
  • Hardening Windows School: Mandate server message block (SMB) signing
  • Topic: Get best practices to set up and harden Exchange

    Click for the next tip in this series: Restrict outbound SMTP traffic
  • Dig Deeper on Enterprise desktop management

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.