Research Report

How to Identify and Analyze a Multi-Stage Document Attack

A malicious document is sent as an attachment in a phishing or spearphishing email. It only includes an embedded URL, with no malevolent code, enabling it to evade existing security solutions, like sandboxes and AV. The URL leverages an exploit, downloading malware to the user’s device. This is how a multi-stage attack, increasing in popularity and use by attackers, is launched.

Download this report to learn:

  • How Menlo Security Labs recently isolated a multi-stage document attack

  • The multiple tools, techniques and procedures (TTPs) attackers used to infect victims’ devices

  • How Menlo Security’s Isolation Platform was able to foil the attack before it could even start


As this attack technique grows in popularity, learn why a solution delivering both web and email protection and visibility is the choice of enterprises around the world.