Cybercriminals are constantly coming up with new techniques to rip us off. They always seem to find flaws in the latest technology to deliver nasty scams.
That’s why it can catch even the most tech-savvy people off guard when they turn to old-school exploits. Which is what’s happening right now with emails containing Word docs. You really need to watch out for this scam, it’s super tricky.
How scammers can target you with Word docs
What’s happening is, unsuspecting victims are receiving emails that contain malicious Word docs. If you download the Word doc, your gadget could get infected with either Locky Ransomware or the banking Trojan dubbed Trickbot.
Image: Example of email with malicious Word doc. (Source: isc.sans.edu)
Typically when a scammer sends a malicious Microsoft Office document, they rely on the recipient to enable Macros. Enabling Macros allows the malicious document to infect the victim’s gadget with malware. However, this latest attack doesn’t need Macros to be enabled to deliver malware.
Now, criminals are taking advantage of a feature called Microsoft Dynamic Data Exchange (DDE). This allows Office programs to load data from other Office programs. For example, the DDE feature can be used to have a table in a Word doc automatically update with data from an Excel file.
Cybercriminals are able to take advantage of the DDE feature by opening a command prompt instead of loading data from another Office program. That’s the good news. For this attack to work, the recipient must click “Yes” or “OK” on the command prompt to confirm they want to update the document with data from the linked files to proceed.
Warning! Do NOT click “Yes” or “OK” on these prompts. It will lead to your gadget being infected with malware or ransomware.
If you are targeted by this attack and open the Word doc, you will most likely see a series of three command prompts. Here’s what they look like:
If you open a Word doc from an email and see prompts like this, do not continue by clicking the links. Immediately close the document and delete the email. Keep reading for more suggestions to avoid falling for scams like this.
Be cautious with links
Do not follow web links in unsolicited email messages, it could be a phishing attack. Cybercriminals always take advantage of popular websites and trending news stories to try and find new victims. That’s why you need to be able to recognize a phishing scam.
One thing to watch for with phishing attacks are typos; criminals are typically careless with spelling and grammar. If you receive an email or notification from a reputable company, it should not contain typos. Take our phishing IQ test to see if you can spot a fake email.
Have strong security software
Make sure you’re using strong antivirus software on all of your gadgets. And keep them up-to-date for the best protection. This is the best way to keep your device from being infected with malware.
Set up two-factor authentication
Two-factor authentication, also known as two-step verification, means that to log in to your account, you need two ways to prove you are who you say you are. It’s like the DMV or bank asking for two forms of ID. This adds an extra layer of security and should be used whenever a site makes it available. Click here to learn how to set up two-factor authentication.
Use unique passwords
Many people use the same password for multiple websites. This is a terrible mistake. If your credentials are stolen on one site and you use the same username and/or password on others, it’s easy for the cybercriminal to get into each account. Click here to find out how to create hack-proof passwords.
If you believe you’ve come across an internet scam, you really should report it; Here’s how
Identity theft. Phishing scam. Spam. Malware. Sometimes the internet feels like the Wild West where you need to be ever vigilant about the world around you. We hear horror stories of internet fraud, as criminals come up with new and clever ways to steal your money. If you are the victim of an internet scam or know someone who is, you need to report it.