What are ZIP or ISO attachment attacks?
Archive attacks use ZIP, ISO, or similar containers to deliver malware while evading security scanning. Some scanners struggle with nested archives, password-protected files, or less common formats.
ISO files are particularly effective because they can be mounted as virtual drives, bypassing Mark-of-the-Web protections that would otherwise warn about internet-sourced files.
The attack technique: an email delivers an archive that claims to contain an invoice or document, the user extracts and opens the contents, and the malware executes. Password-protected archives are especially problematic because the password prevents automated scanning.
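A mail-filter check for the evasion traits described above (nested archives, password-protected members, disk-image containers) can be sketched as follows. This is an added example, not code from any particular filter product; the names `triage_zip` and `build_sample`, the finding labels, and the depth and size limits are assumptions.

```python
import io
import os
import zipfile

DISK_IMAGES = {".iso", ".img", ".vhd", ".vhdx"}  # containers that mount as drives
MAX_DEPTH = 3                  # assumed policy: how many archive layers to open
MAX_MEMBER = 50 * 1024 * 1024  # assumed cap on declared bytes per nested archive

def triage_zip(data, depth=0, path=""):
    """Return (member_path, finding) tuples for a ZIP attachment's bytes."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [(path or "<attachment>", "unreadable-archive")]
    findings = []
    with zf:
        for info in zf.infolist():
            name = f"{path}/{info.filename}" if path else info.filename
            ext = os.path.splitext(info.filename)[1].lower()
            encrypted = bool(info.flag_bits & 0x1)  # general-purpose flag bit 0
            if encrypted:
                findings.append((name, "encrypted-member"))  # content not scannable
            if ext in DISK_IMAGES:
                findings.append((name, "disk-image"))
            if ext == ".zip" and not encrypted:
                if depth + 1 >= MAX_DEPTH:
                    findings.append((name, "nesting-limit"))
                elif info.file_size > MAX_MEMBER:
                    findings.append((name, "oversized-member"))
                else:  # open the inner archive and keep the full member path
                    findings += triage_zip(zf.read(info), depth + 1, name)
    return findings

def build_sample():
    """Constructed sample: outer ZIP -> inner.zip -> invoice.iso (dummy bytes)."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("invoice.iso", b"not a real disk image")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("inner.zip", inner.getvalue())
        z.writestr("readme.txt", b"constructed sample")
    return outer.getvalue()

if __name__ == "__main__":
    for member, finding in triage_zip(build_sample()):
        print(member, finding)
```

A filter would typically quarantine or hold for review on any finding, since an encrypted or over-nested member means the content was never actually scanned.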