Computer Security Gmail Improving Security by Banning JavaScript Attachments

Gmail Improving Security by Banning JavaScript Attachments

gmail banning javascript attachmentsGmail was recently the brunt of a phishing attack that ultimately scoured countless accounts for their login credentials arming hackers with the ability to pilfer Google accounts. What is suspected to be an effort to thwart such attacks, Gmail is beefing up security by preventing JavaScript attachments.

Reportedly, according to a recent announcement out of Google, JavaScript or .js files will no longer be allowed to be transferred over Gmail email. Adding to the list of .exe, .bat, and .msc files, .js files will trigger a warning notification when users attempt to attach and send them through the Gmail service. The message will clearly read that it has been blocked because its contents present a potential security issue.

JavaScript Can Be for Good or Bad

Before divulging the complete scope of what makes up a malicious file, you must know that not all JavaScript files are bad. Though, in the recent years, hackers and cybercrooks have leveraged many .js files for the ill intent of spreading malware, which are commonly touted as malicious downloaders that transmit malware to an affected computer.

In the past, there have been cases where hackers created malicious downloaders out of JavaScript files and thus spread them through aggressive spam campaigns. Fortunately, many email clients, including Gmail, have placed limitations or blocks on transmitting various archived files, such as .zip, .bz2, .gz., or, .tgz, where malicious files can hide.

Hackers Could Abandon Gmail for Spreading Malicious JavaScript Files

In taking the precaution to block JavaScript files in Gmail, cybercrooks will have to look for other methods to spread malware through spam messages. What we can be sure of is that hackers will eventually find other avenues of spreading their malicious schemes and malware apart from using hacked Gmail accounts to attach malware-ridden JavaScript files.

Google has had rather aggressive efforts in the past to combat the spread and proliferation of malware through their many services. As an example, Google Drive already scans files that are smaller than 25 MB. Though, in knowing such, hackers may attempt to share or spread infected files that are larger than 25 MB. Still, computer users who are savvy enough will not want to download or share JavaScript files over 25 MB in the first place unless they are intentionally asking for trouble. Google plans to implement and enforce the JavaScript file attachment ban starting February 12, 2017.

As time progresses, we look to other large email services and providers to start limiting or denying JavaScript attachments or enacting methods to actively scan certain file types. After all, one of the primary methods of spreading Ransomware, which is among the most dangerous types of malware in recent years, is through spam message attachments which are often JavaScript files. The next time that you open up that questionable email attachment make sure it isn't the latest version of CryptoLocker Ransomware or Locky Ransomware. If you're not careful, your days ahead could be seriously troubled.

Loading...