Return To Previous
You are here:

Malicious e-mails

Receiving Malicious emails and/or attachments

Please forward the email to, please remove anything personal you do not wish the postmaster to see.


Our SMTP network blocks specific attachments

Most multi-media files, archive files, text files, certificate files, PDF’s and non-macro Microsoft files are usually allowed (if detected as virus/malware free), however many other attachment file types are not permitted.


Traditional malicious items are often included within the attachment but this is easily solved via email scanners and email blacklists.

Traditional malicious attachments usually highlight an invoice or application for services. Sometimes common office based attachments like Microsoft Word or Excel is used for malicious attachments but these are now sent in lower numbers in favour of HTML attachments for malicious purposes.


HTML based attachments.

If your HTML attachment is a genuine service offering for email recipients, please email noting your organisation, the attachments and reason your attachments should be whitelisted.

If you require education on the term “phishing” (the method to obtain sensitive information) please read further at this Wikipedia link:

By themselves, HTML attachments do not contain any malware or virus payloads so these types of attachments pass through many email detection software without interruption.

Another issue with html based attachments is that the sourced HTML attachment content can link from genuine websites that were compromised by the malicious coder/user making filtering tasks by your ISP or email provider very hard as the websites hosting the HTML content could be one of any 1+ billion websites active.

The genuine senders of HTML attachments are usually financial institutions or secure access providers often used to simplify access to their own hosted services for end-users however, the frequency and familiarity of end-users seeing such attachments is open to misspelt domain name email sender attachments. e.g. bank labelled emails could actually from or so while everything within the email is familiar as the actual sender’s email content, the malicious email sender has found a way to send their HTML content and collect important details if the receiving user fills in the rendered HTML content and clicks submit like a normal website form.