While malicious code may present itself in many forms, lately the most common infection method starts by sending a malicious email to an employee. Existence or execution of malicious code within the organization perimeter presents a high risk and has the potential to “take down” multiple company activities. This use case describes a scenario in which an email was delivered; and the host was likely infected.
Bad actors use malicious code to enter into an organization through email. This kind of hacking is very common. According to ProofPoint’s Protecting People report, corporate credential phishing via email has increased over 300% between Q2 and Q3 of 2018. Here’s one example of how it works: A victim clicks an attachment and starts the “process” suggested by the email; then, a downloaded document convinces the victim to disable security protection - enabling ActiveX or macros.