Cybercriminals are using innocent-looking Microsoft Word documents which include a less innocent pop-up that asks you to enable macros.
Cybercriminals are always finding new ways to bypass your security filters. In this scam, the bad guys start by sending a Microsoft Word document that has no malicious code or links within it. Once opened in Microsoft Word, the innocent-looking document includes a pop-up that asks you to enable macros. A macro, short for macroinstruction, is a set of commands that can be used to control Microsoft Word, Microsoft Excel, and other programs.
Here’s how the attack works: If you open the attached Microsoft Word document and enable macros, the document automatically downloads and opens an encrypted Microsoft Excel file. The Microsoft Excel file instructs Microsoft Word to write new commands into the same Microsoft Excel file. Once the new commands are added, the Microsoft Excel file automatically downloads and runs a dangerous piece of malware onto your device.
Use the tips below to avoid falling victim to an attack like this one:
- Never click a link or download an attachment from an email that you were not expecting.
- Before enabling macros for a file, contact the sender using an alternative line of communication, such as making a phone call or sending a text message. Verify who created the file, what the file contains, and why enabling macros is necessary.
- This type of attack isn’t exclusive to Microsoft products. The technique could easily be used on a number of other programs. Always think before you click.
Stop, Look, and Think. Don’t be fooled.
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.
