Cybercriminals are constantly tweaking their attacks to make them sneakier. They do this to try and trick more victims into falling for the scam.
A popular tool for these criminals is a phishing email. Typically, the victim clicks on a malicious link inside the email that infects their gadget with malware. However, there is a new phishing attack making the rounds that will infect your gadget without even having to click a link.
What’s the latest twist on phishing scams?
Scammers have come up with a new way to infect gadgets without requiring the victim to click a malicious link. Instead, a banking Trojan infects their device by just hovering the cursor over a link that’s featured in a PowerPoint slide show.
Hovering over the hyperlink triggers a PowerShell command that automatically connects to a malicious domain. That’s when malware is downloaded and infects the victims’ gadget.
People are receiving spam emails that contain a PowerPoint file. The email is designed to look like a receipt or invoice and will have a subject line of either “RE: Purchase orders” or “Fwd: Confirmation.”
The email’s message says there is an attached purchase order that you need to click on to view. The attachment is actually a PowerPoint file.
If you download the attachment, it opens a PPSX file, which is a PowerPoint file in presentation mode. The file contains just one slide, and it reads “Loading…Please wait.” If you hover your cursor over this slide, the malicious code is executed and your gadget will be infected with malware.
The good news is Microsoft Office can block this attack. Starting in 2010, Protected View is enabled by default in Office, so you would have had to change that setting for this attack to work. If you still have Protected View enabled, you will see the following message pop-up when this malware attempts to install:
Image: Example of Microsoft security notice identifying security concern. (Source: SentinalOne)
Obviously, if you see the previous message pop-up, you’ll want to click Disable.
Since this malicious PowerPoint file is delivered through a phishing email, you need to know how to stay protected from those as well. Continue reading for security suggestions.
How to protect against phishing attacks:
- Be cautious with links – If you get an email or notification that you find suspicious, don’t click on its links. It could be a phishing attack. It’s always better to type a website’s address directly into a browser than clicking on a link.
- Watch for typos – Phishing scams are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos. Take our phishing IQ test to see if you can spot a fake email.
- Use unique passwords – Many people use the same password for multiple websites. This is a terrible mistake. If your credentials are stolen on one site and you use the same username and/or password on others, it’s simple for the cybercriminal to get into each account. Click here to find out how to create hack-proof passwords.
- Set up two-factor authentication – Two-factor authentication, also known as two-step verification, means that to log in to your account, you need two ways to prove you are who you say you are. It’s like the DMV or bank asking for two forms of ID. Click here to learn how to set up two-factor authentication.
- Check your online accounts – The site Have I Been Pwned allows you to check if your email address has been compromised in a data breach.
- Have strong security software – Having strong protection on your family’s gadgets is very important. The best defense against digital threats is strong security software.