A new twist on an old threat tactic could allow hackers to compromise your computer and steal your information. As with similar campaigns, infected Microsoft Office documents are sent as attachments in spam emails. However, no interaction is required on the part of the victim this time around. When the document is opened, the vulnerability spreads, making it a nastier technique. The latest versions of the malicious documents have been installing the Dridex banking Trojan, which can steal your banking credentials and other sensitive data. Today is Patch Tuesday (https://en.wikipedia.org/wiki/Patch_Tuesday), and an update is expected from Microsoft to fix this vulnerability in Office, but until then, and AS ALWAYS:

  • Do NOT open any attachments that you are not expecting, EVER!
  • Do NOT “Enable macros” or “Enable content” in any documents, unless you have verified that the email/attachment is legitimate by contacting the email sender directly via phone. (Do not reply to the email to verify.)
  • Enable “Protected View” in Microsoft Office: https://support.office.com/en-us/article/What-is-Protected-View-d6f09ac7...
  • Make sure your antivirus program is updating daily, and scan any attachments you intend to open.
  • Enable automatic updates for your operating system and applications whenever possible.

In most cases, emails with suspicious attachments can be safely ignored and deleted. If you are uncertain about the legitimacy of an email, you can forward it to the Help Desk (help@oswego.edu) for additional guidance.