On the heels of the PDF spam rise, junk mailers are using another popular file format - Microsoft Excel - to dupe users, a messaging security firm reported this week.
"Most of the spam solutions don’t really handle attachments very well," he said. "They don’t actually analyze the contents."
The file-format tactic also combines a social engineering aspect, lending credibility, Azzopardi added.
"People are used to receiving these types of documents," he said.
Lev said he expects spammers to continue with this technique, potentially using PowerPoint or Word documents to package the unwanted mail. Attackers already have used Microsoft Office as a vector for malware that exploits vulnerabilities.
Experts suggest organizations contact their anti-spam vendor to ensure they offer support against PDF and Excel spam. As an alternative, administrators can block attachments or place restrictions on allowable sizes in hopes of weeding out the unwanted mail, Azzopardi said.
Click here to email reporter Dan Kaplan.