Document based Virus, MalWare and Trojan Threats increase
Document based Virus, MalWare and Trojan Threats are being detected in increasing numbers across email networks. Although Document based Malware is not new, the alarming increase in these types of attacks is a major concern. Due the new nature of these attacks, many leading Anti-Virus, Malware and Firewall systems are not detecting them as they come through.
[contentblock id=2 img=gcb.png] partners with several leading global cyber security organisations and anti-virus vendors. Whenever we encounter suspicious emails not detected as threats, we submit them to our Partner anti-virus vendors for assessment. As a result, if a new threat is detected, updates to their anti-virus definitions are released soon after. We encourage other IT Support company’s like us, to do the same. This would help anti-virus vendors better understand how these attacks function and develop anti-virus definitions to block these attacks quicker.
An email received with an infected attached file can look like it has come from a trusted source.
To give you some understanding, here are some examples of emails that have had infected documents attached.
Example 1
Date and time: 8:11 3.11.2015, Transaction Total: 30113.29 Australian Dollars, State: Please open enclosed Statement.
Example 2
Time: 8.41 03-11-2015, Amount: 29694.55 Australian Dollars, Transfer status: Please see attached DOC.
How can you tell if an email is bogus?
- Most accounting systems email invoices and statements as Portable Document Format (PDF) attachments. How many legitimate emails do you receive from companies that attach a Word document (.doc or .docx file)?
- Check if the senders name matches their email address
- Check the sending domain name.
How Viruses, MalWare and Trojans work in Word documents
To save time on tasks you do often in Word documents, you can bundle the steps into a macro to automate the tasks. The macro programming language can also be used to write infectious code and viruses. As a result, if macros are enabled, the malicious MalWare is run in the background when you open the document. The macro is usually just the start of the attack, subsequent hostile or intrusive functions are performed, without asking you. These could include viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs.
What should your virus strategy include for Document based threats?
As new threats are not immediately detected by anti-virus software, please continue to exercise caution when opening email attachments. You are the first line of defence against Virus, Torjan, MalWare and other Threats.
If you receive an email something along the lines of the above examples with a document file type attached: .doc .docx, do not open the document and delete the email.
If you do open a document that has been emailed to you and a message like “Do you want to enable the macros” appears, close it straight away and remove it from your system.
More information can be obtained from cyber security services like Sophos and Symantec .
Contact Us if you need any assistance with your anti-virus strategy or Network Security.