Currently, Google Gmail restricts only file types such as .exe, .msc, and .bat, but things are about to change as another file type will be joining that group, Android Headlines reported. Gmail will no longer allow Javascript attachments in the email because hackers have been increasingly using it with the phishing scams, according to Engadget. For the uninitiated, phishing is a technical term used to describe an attempt to obtain sensitive information by disguising as a trustworthy, legitimate website or sender in an email.
According to Dark Reading, a fully functional phishing page could look exactly like Google Gmail signing page, similar to what happened in the recent Gmail Phishing attack. The javascript attachments are known vector points for malware distribution. Once the users have downloaded the malicious attachments, hackers would be able to gain access to PCs and steal data or perform other types of cybercrimes.
However, it still possible to share Javascript files through two of various Google services: Google Drive and Google Cloud Storage. Although Google's Gmail restriction will definitely be a big help for most users, but there is also a possibility that malware creators will be able to look for other distribution methods.
This is because hackers and malware developers are getting too creative and smart these days. They also have good track records of learning new malware distribution methods when traditional means are no longer effective. Nonetheless, other ways to prevent them are also going to be discovered.
