Thursday, February 18, 2016

Macro malware continues...

We continue to see an uptick in the number of phishing emails with attachments that have macros in them. Here’s an example of an interesting one:

If you have the default macro setting in office, you would see the following message if you opened the file:

By enabling content (running the macro), your system would become seriously infected.

Here’s the checklist for avoiding these dangerous files:

  • Don’t immediately open attachments that you aren’t expecting. Make sure first that they are from a legitimate source.
  • IF the file asks to enable macros, be sure to verify the file with the sender before doing so.
  • NEVER configure Office to allow all macros to automatically run.

Stay suspicious…

No comments:

Post a Comment