How to block malicious JavaScript files in Windows environments

Attackers frequently send malicious JavaScript files through bogus emails. It's easy to block these files from reaching a hapless user. Here's how.

cso security malware breach hack alert gettyimages 1144604134 by solarseven 2400x1600px
Solarseven / Getty Images

There have been several recent reports of fake updaters that spoof Google Chrome, Mozilla Firefox, and Internet Explorer landing pages. When the user clicks on the upgrade option, a JavaScript file is downloaded and executes malware. You have several options to block or change the default behavior to better protect workstations.

Block JavaScript at the email gateway

First and foremost, block .js and .jse file types at the email gateway. There is no logical reason to be receiving or sending JavaScript files to the average user. Review all the file types you block on a regular basis and allow only those file types you want to receive. You should also regularly review the files you allow through firewalls, email, file transfers and any other means. Clearly communicate to your users what file types are and are not allowed. For web-based portals, you can easily do this by documenting what is and is not allowed on the site.

Reassociate untrusted file types with another file type

To continue reading this article register now

Subscribe today! Get the best in cybersecurity, delivered to your inbox.