Been shopping lately? Fake credit card email can spook you into downloading Cerber ransomware

(Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene.)   As the shopping sprees become increasingly frenetic during holiday season, it’s hard not to worry about how much credit card debt we’re piling. Some of us rely on email notifications from our banks to track…

0

Where’s the Macro? Malware authors are now using OLE embedding to deliver malicious files

Recently, we’ve seen reports of malicious files that misuse the legitimate Office object linking and embedding (OLE) capability to trick users into enabling and downloading malicious content. Previously, we’ve seen macros used in a similar matter, and this use of OLE might indicate a shift in behavior as administrators and enterprises are mitigating against this…

10

Social engineering tricks open the door to macro-malware attacks – how can we close it?

The macro malware-laden documents that target email users through email spam are intentionally crafted to pique any person’s curiosity.  With subjects that include sales invoices, federal tax payments, courier notifications, resumes, and donation confirmations, users can be easily tricked to read the email and open the attachment without thinking twice. The user opens the document,…

7