Showing results for 
Show  only  | Search instead for 
Did you mean: 
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 1 of 2

Problem with embedded and encoded Javascripts

Hi all

This week we've discovered some Mails with a nasty method how to sneak throught Email Gateway filters:

Mails come in pretending to have an embedded excel Spreadsheet hiding behind an excel icon graphic.

Behind that there is attached html-file that contains an embedded and encoded Javascript.


Here's an excerpt of the source code within the html file:


The Emailgateway does not detect any Javascript by filetype here, as it is a html/txt Document, and shows no offending code on the first glimpse.

Unescaping the Codesequence reveals a Phishing Site on this case.

In my opinion this is the prestep of the next Malware wave as this bypasses AV-Engine and Javascript Filetype detection.

If these mails manage to get pass the Antispam and Reputationfilters, and You have no Webgateway or Advanced Threat Defense, You're may be doomed.

Best Regards,


PS: Did some enhanced Testing on this. One solution can be to filter HTML attachments by Filetype. HTML Email Content is not affected on this, only attachments.

P.S.: If you find this post helpful, thank You for giving it a Kudo :o)
1 Reply
Former Member
Not applicable
Report Inappropriate Content
Message 2 of 2

Re: Problem with embedded and encoded Javascripts

I might be a day late and a dollar short on this one, but...  If you create a custom compliance dictionary that applies to everything and contains the strings "<script" and/or "</script>", and then add that dictionary to the "Spam Terms" component of the anti-spam settings for your inbound mail rule, wouldn't that help stop these?  That should block anything inbound that appears to contain a script.  (Unless you actually do need to receive some messages containing scripts.)

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community