It’s A Trap!

Be careful out there. Simple bait often works best…

Here’s a example of some current spam with an Excel file attachment named:

Payment instruction & Swift.xls
Payment instruction & Swift.xls

“Payment” spam with a Macro-based malware attachment.

The Excel file attachment contains malicious Macro programming which will attempt to download and install DarkComet RAT. F-Secure detects this attachment (and others like it) as W97M.Downloader.C.

Nasty stuff.

About the bait… this spam message ended up in my “Bulk” folder. Why? Because I use rules to sort away messages that aren’t directly addressed to me. And by using the Bcc: field, the would-be attacker ensured that this particular message ended up in my least trusted folder. What about you – and more importantly – the person who handles payments within your organization? Would they open and execute this trap? Possibly so, they’re only human.

Reduce the chance of human error, disable macros in Office files.

@5ean5ullivan



Articles with similar Tags