Email clients and web browsers top the list of applications used to trigger the ransomware payload. It’s critical that organizations get a handle on their email traffic if they are going to protect against phishing and spearphishing attacks. The big problem, however, is that the ransomware threat extends well beyond the email traffic itself to encompass any file with macros – that is, embedded scripts that contain programming code.

Recent research from Mimecast also points to resurgence in this macro attack technique:

• 50% of firms saw an increase in email attacks that use macros in attachments 
• 44% saw increase in attacks with social engineering asking users to enable macros

This Dark Reading slide show  covers the following tips:

• Disable macros
• Use only essential applications
• Enable email attachment sandboxing
• Neutralize active code at the gateway
• Train and educate

Read the FULL ARTICLE