SCAM OF THE WEEK: Malware Spreadsheet Spread

Scammers always look for ways to get you to make impulsive decisions. They usually scare or alarm you so that you react without thinking. In this week’s scam, cybercriminals send you an email with many urgent-sounding words that are designed to grab your attention immediately. The email looks like a payment invoice and contains an Excel attachment. It mentions that the attached forms need to be processed “as soon as possible” and that “penalties” will result from any payment delays.

If you open the attached Excel file, you’ll be presented with a pop-up window that instructs you to “Enable Editing” by clicking a button. If you click the button, the malware will begin installing on your computer. This particular malware is highly advanced. Once installed on your computer, it can steal user credentials and other personal information. The malware is designed to avoid being detected by your antivirus software. Once it has made its way onto your computer, it is very difficult to remove it.

Follow these tips to avoid falling victim to a malware phishing scam:

  • Be cautious of emails that create a sense of urgency or fear. Phrases like “as soon as possible,” “penalties,” and other alarming language are common tactics used by scammers.
  • Never select “Enable Editing” or “Enable Content” on attachments from untrusted or unexpected sources. Selecting either of these options is a common way for malware to be installed.
  • Verify the legitimacy of any invoice or payment request by directly contacting the company using known contact information.

The KnowBe4 Security Team
KnowBe4.com

June 21, 2024