We’ve recently gotten reports of a spate of malware infections due to opening Word documents that claim to be reports, invoices, financial records or some other standard business correspondence. Believe it or not, what appears to be standard Microsoft Word documents can contain vicious malware.
This most recent one is a newly created “ransomware” – a program that is capable of making the files on your computer and on the server unreadable. The email attachment may appear to be a Word document, and may claim to be an Invoice. This is not always the case. It is just the most common ploy.
Another common trick used these days is to send an email that either says something like, “Your bill is attached” or “Your refund is attached.” In both cases, you’ll want to open up the file and see what you’re being billed for or why you are getting a refund.
And to make matters worse, most of these malware will appear to come from someone you know because they do come from someone you know! When you become infected, part of the infection is sending the malicious file to everyone in your address book. So the email may look very legitimate.
Of course, it’s unrealistic to suggest you never open a Word document or other attachment again, but there are a few general guidelines to avoid malicious attachments.
- Have a healthy suspicion about ALL attachments – Assume they are malware and then try to prove they are not
- Never, ever open an EXE, COM, SCR, VB or ZIP file
- If you don’t recognize the sender, DO NOT open the attachment
- If you do recognize the sender and aren’t expecting a file from them, confirm that they sent it before you open it – Just a quick phone call or an email, “Did you send me Invoice.doc file today?” can save you from disaster.
- If you do open a Word document that has instruction of any kind, do not follow the instructions – Many of these will say something like, “Click Enable Content on the yellow bar above to view this document,” No legitimate Word document will require you to follow instructions in order to view it. If you have to enable something or allow something, then it’s doing more than just displaying a document.