Phishing attacks are undoubtedly one of the techniques most used by hackers to steal passwords. It is something that we can receive through email, SMS or even through a message on social networks. However, cybercriminals constantly modify their attacks to adapt them and go unnoticed. In this article we echo how they are using more and more RTF files.
They use RTF files to sneak Phishing
But what are RTF files? They are the acronym for Rich Text Format . It is compatible with most word processors, such as Microsoft Office. This makes it easy for a user to open or edit them. This causes them to be used by hackers as the gateway to attack systems.
A group of Proofpoint researchers found that hackers use malicious RTF templates . It takes advantage of legitimate functionality to replace the destination of a file with a fake URL, from which information can be stolen and that is where the attack begins.
It basically means that they put malicious website addresses into RTF files through the template function. This could later load malware into an application or steal Windows credentials. What is the problem with all this? An antivirus can scan that RTF file and consider it safe, even though it actually contains a bogus URL.
This is the trick that hackers are using to carry out Phishing attacks and not be detected by security measures. One more problem that is added to all the threats that are present in the network and that can compromise our systems in one way or another.
How to avoid Phishing attacks of this type
So what can we do to prevent Phishing attacks through RTF files? The main thing is clear: do not download RTF files . We must always make sure what types of files we are going to download and, of course, where they come from. Common sense in these cases is the best weapon to protect ourselves from Phishing and many other types of attacks.
In addition, we recommend having a good antivirus . It is true that they may not be enough to detect threats through RTF files, but an updated program could prevent many types of attacks and serve as a very important help to be more protected on the network.
On the other hand, keeping everything up to date is vital. By this we mean the operating system itself, the browser and any program that we have installed. This is essential to correct possible vulnerabilities and errors that appear. We must do so to prevent the entry of malicious software of this type that could compromise us.
Ultimately, hackers adapt once again and in this case use RTF files to carry out Phishing attacks. It is essential to be protected at all times and it is best to avoid downloading these types of files. It will also be essential to have security programs and keep everything up to date to avoid problems. Among other things, it is also essential to encrypt your backups in the cloud and avoid problems.
