Email providers struggle to detect modified malicious documents: report

by

Azunta Gaviola

-

10 months ago

Be part of the forefront of innovation and reshape the future of retail and e-commerce! Making its highly anticipated return, MARKETECH APAC and UpTech Media partners for the Retail & E-Commerce Innovation Marketing & Tech Summit Malaysia 2025, happening on 22 May 2025 at Sheraton Petaling Jaya. Don’t miss out!

Singapore – While email providers such as Gmail and Outlook showed basic detection capabilities in identifying unmodified malicious document samples, recent study by browser security startup SquareX found that they struggle to identify modified malicious documents manipulated with readily accessible attack tools. 

The findings of the report showed that the widespread dependence on email services for secure communication raised crucial questions on the effectiveness of relying on existing email security measures.

With cyber threats becoming increasingly sophisticated, it was further observed that email providers seem unprepared to detect and intercept these emerging threats, leaving users vulnerable to exploitation.

Addressing the security gap, on the other hand, SquareX has launched an advanced in-browser malicious document scanning feature as part of its browser extension in beta. 

This move underscores the company’s commitment to enhancing web safety and encourages other companies to collaborate in safeguarding users and enterprises from cyber-attacks.

Vivek Ramachandran, founder and chief executive officer at SquareX, said, “The inadvertent discovery of this significant lapse in email security during our product enhancement process was startling.” 

“Our intention in making these findings public is to ignite a dialogue on the urgent need for reinforced security measures and encourage email providers to either elevate their security protocols or transparently acknowledge their current limitations,” he further explained. 

The study conducted involved the analysis of 100 malicious document samples which were categorised into four samples namely: (1) original malicious document samples from MalwareBazaar; (2) slightly altered malicious document samples from MalwareBazaar, such as changes in metadata and file formats; (3) malicious document samples modified using attack tools that have existed for many years; and (4) basic Macro-enabled documents that execute programs on user devices.

 

Happening in Singapore on 19-20 February 2025, the ‘What’s NEXT in Marketing: Singapore 2025’ event presents an exceptional opportunity for marketers and industry leaders to talk about the future of marketing and drive success in the Singaporean market! Register now to secure your slot!

The NEXT Awards 2025 has come, and we’re looking for the most innovative marketing campaigns from Indonesia, the Philippines, Malaysia, Singapore and Asia Pacific. Register your interest now and be the first to know when entries open!

Share

RECENT ARTICLES

Shopee to boost seller reach following SIP expansion in Singapore
Globavend scales up market presence in ANZ with recent collaborations
Singapore sees 24.7% decrease in web threats, second least affected in SEA in 2024: report
Ant International welcomes Jiang-Ming Yang as new chief innovation officer
Lan Anh Nguyen to spearhead AnyMind Group’s Vietnam operations as new country manager
Ellipse 3

RELATED ARTICLES

Shopee to boost seller reach following SIP expansion in Singapore_11zon
Globavend scales up market presence in ANZ with recent collaborations_11zon
Singapore sees 24
Ellipse 3

FEATURED ARTICLES

Shopee to boost seller reach following SIP expansion in Singapore_11zon
Globavend scales up market presence in ANZ with recent collaborations_11zon
Singapore sees 24

Subscribe to UpTech Media Newsletter

Video Title Here: The Indonesian on-ground activation status

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos.

Video Title Here: The Indonesian on-ground activation status

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos.

Video Title Here: The Indonesian on-ground activation status

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos.