Russia Enters Top 10 Countries for Malicious Email Attachments

According to analysts from the antivirus company Kaspersky Lab, March 2022 saw a record number of malicious attachments in emails. Kaspersky’s email protection products detected and blocked malicious attachments more than 19 million times during that month.

The most common types of malicious attachments were executable files and office documents. Notably, the number of malicious office documents exceeded 5.5 million in March alone. Unfortunately, Russia was among the top 10 countries where such emails were most frequently distributed.

Why Office Documents Are Targeted

Cybercriminals often choose document formats for their attacks because, with the high volume of emails people receive, users may let their guard down and open files from suspicious senders. Email is the primary method for sending contracts, invoices, agreements, technical specifications, and similar documents, so recipients are less likely to scrutinize every file they receive.

Main Types of Malicious Documents

Kaspersky Lab highlights two main types of malicious documents:

• Documents that attempt to exploit vulnerabilities in office software
• Documents containing malicious macros

Files with malicious macros can download malware onto a computer—one prominent example is the Emotet trojan. These attack vectors are also used in targeted cyberattacks by advanced persistent threat (APT) groups.

Global Spread of Malicious Email Attachments

In addition to Russia, countries such as Italy, Vietnam, and Mexico also rank among those with the highest volumes of malicious email attachments.