Macro malware continues...

We continue to see an uptick in the number of phishing emails with attachments that have macros in them. Here’s an example of an interesting one:

If you have the default macro setting in office, you would see the following message if you opened the file:

By enabling content (running the macro), your system would become seriously infected.

Here’s the checklist for avoiding these dangerous files:

• Don’t immediately open attachments that you aren’t expecting. Make sure first that they are from a legitimate source.
• IF the file asks to enable macros, be sure to verify the file with the sender before doing so.
• NEVER configure Office to allow all macros to automatically run.

Stay suspicious…