Blog

Filter EXE and ZIP Email Attachments

Filter EXE and ZIP Email Attachments

Some email attachments are very risky to your network because they often carry viruses. Uncompressed ZIP files and EXE files are two examples. SecureWorks recommends you keep both off your network with email filtering.

What's an uncompressed ZIP file?

When you create a ZIP file, the software automatically compresses the files inside so the single ZIP file is smaller than all the sum of the individual files. An uncompressed ZIP has very little legitimate purpose. Virus writers, on the other hand, hide their creations in ZIP files because they know many email systems are configured to let them through.

How do I send or receive an EXE file?

If you need to send an EXE file but have enabled EXE attachment filtering, put the EXE in a (compressed!) ZIP file and email or use another transmission protocol, such as FTP.

How do I enable email filtering?

Email filtering can be done in 4 places: at the desktop, at the mail server, at the perimeter and "in the cloud". As a general rule, the further away from the desktop you can filter, the better. Since "in the cloud" is done before the email ever reaches your network, it is ideal. However, tools such as user quarantine are necessary for "in the cloud" services in order to provide flexibility and control for users.

Intrusion prevention blocks uncompressed ZIP's and EXE's

Stopping uncompressed ZIP and EXE email attachments is a feature of our Managed Network Intrusion Prevention service.


ABOUT THE AUTHOR
SECUREWORKS

Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world detection data, security operations expertise, and threat intelligence and research. Taegis is embedded in the security operations of thousands of organizations around the world who use its advanced, AI-driven capabilities to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.
Back to all Blogs

GET THE LATEST SECURITY UPDATES

Thank you for your submission.

Try Taegis Today

Request a demo to see how Taegis can reduce your risk, optimize your existing security investments, and fill your talent gaps.