Malware-Laden COVID-19 Emails Exploit MS Office Vulnerability
Does it feel like you’re getting an email update from everyone you’ve ever done business with about how their company is handling COVID-19? A spike in corporate email messages meant to keep customers informed has provided a valuable opening for bad actors to exploit as they mount new phishing attacks.
The United States Secret Service recently released an alert detailing how cybercriminals are imitating corporate email. These poison pen letters aim to encourage that company’s clients to open infected attachments or click links that take them to faux-official webpages in order to harvest credentials, install keyloggers, and lock down systems with malware.
The noxious attachment in question is often disguised as an MS Office or WordPad file, as hackers aim to take advantage of a potential weak point in MS Office. CSO reports that these attacks are designed to exploit the ancient Microsoft Office memory corruption vulnerability that was patched in 2017 but still involved in more than 600 incidents in 2019.
How can your company avoid becoming the next victim?
- Patch everything completely – Don’t ever skip updates or patches. Make sure software and hardware is patched regularly. Install every update and apply every patch (especially this one), no matter how minor or inconvenient it seems.
- Upgrade your login credentials – Passwords just aren’t good enough security tools to do the job alone anymore. Use a sophisticated secure identity and access management solution like Passly to add multifactor authentication.
- Improve your phishing training – Every company’s first line of defense against phishing attacks is an alert staff. Make sure that your staff at every level is trained to spot cybercriminals’ new tricks and repel attacks with BullPhish ID.
Keeping your users and systems up to date is the key to avoiding cleverly disguised phishing attacks, and an essential defense against malicious intrusion into your systems and data.