Warning: Phishy Attachments

Phisky attachments.

The world was focused on WannaCry recently, but there here is another ongoing threat that your employees need to be aware of:

Word and Excel Documents as well as .pdf files can carry malware payloads, as well.  If the takeaway message in the last post was “Don’t Click”, today’s is: Don’t Open That Attachment!

By this point, your version of office should have been patched to NOT open any attachments without asking you first.  Sometimes that means that Office will show the attachment but won’t allow you to edit it until you press an button and respond to a pop-up that says, in effect, “Are you sure you want to do this?”

The warning and extra steps are really annoying when it affects stuff that is legitimate, but it’s an important feature that can help prevent you from being a victim of malware. If you need some before-bed reading, you can read the gory details on the SecureElement website: https://securelement.com/securelement-support-advisory-pdf-phishing-scam/
SecureElement Advisory on PDF Phishing scam.