There would be hardly any person in this globe who doesn't use Microsoft Word. It is omnipresent. Students use for their academic activities whereas the corporates live in these Word files the whole day.Cybercriminals have been using "Macros" within Excel, to push in malicious code into documents. It's one thing to ask people to download an unrecognized file such as .Raw or .exe in an email, its an another thing to embed malware within trusted MS word documents.
In a recent attack, it was observed that the hidden lines of Macro code can route the target's web traffic through a proxy server, which allows an attacker to intercept all the network traffic on the proxy. An attacker than steal all the usernames and passwords very easily.
In order for an attacker to trick a user to open such emails, he social engineers the victim and impersonates himself as someone else. Hence, the message seems to appear from a very close trustworthy entity or complete strangers asking you to check out the Word file.
Things to do :
1) Check for email sender's authenticity :
Cybercriminals use official logos and email addresses which make it appear very legitimate and assume that it came from the real company. However, do not be in a hurry to open such a file, do a quick search and contact the company first through other channels.
2) Don't blindly click on "yes" to permission requests :
When your computer detects these malware within tweaked files, it will often give a pop up asking for permission before executing it. If you see a "Yes" and "No" option, do not blindly click on "Yes". This may cause the malware to override all the security controls in place and run with elevated privileges. So, double check and if you sense doubt, click "No".
No comments:
Post a Comment