IKEA Purchase Order [2001800526] – word doc malware #Dridex — 4 Comments

  1. Pingback:PAYMENT CONFIRMATION Lesley Mawson A.I.P. Ltd – word doc malware – My Online Security

  2. These will be valid for one day, and then not be used again.
    A better tactic is to block people from downloading .exe files unless they are supervised.

    • There are lots of things that a company with decent IT support can do to protect themselves from malware attacks, but blocking .exe files from a user won’t help in these sort of cases.
      Most users that do open the malicious word doc or excel spreadsheets will routinely receive such files in the course of their average working day.
      Many companies do have macros enabled because they rely on the functionality to perform routine tasks quickly and easily.
      The macro downloads and runs the .exe silently in the background without any user interaction or knowledge. Yes, there are software restriction policies that can be applied to a users computer to prevent all executable files running from any user profile folder or a temp folder. But in the real world, that prevents updates of already installed software and makes a lot more work for IT support. The majority of companies that this sort of attack is effective against are small companies with 1-20 employees and no full time IT support

Leave a Reply to Nyebodnye Cancel reply

Your email address will not be published. Required fields are marked *