Please read our\u00a0How to protect yourselves page<\/a>\u00a0for simple, sensible advice on how to avoid being infected by this sort of socially engineered malware. Also please read our\u00a0post about word macro malware<\/a>\u00a0and how to avoid being infected by them<\/p>\n The email looks like:<\/p>\n Please advise when we can expect to receive payment of the attached invoice now due?\u00a0 I await to hear from\u00a0 you.<\/p>\n Kind Regards<\/strong><\/p>\n Donna Vipond<\/strong><\/p>\n Accounts<\/strong><\/p>\n Event Furniture Ltd\u00a0T\/A Event Hire<\/strong><\/p>\n Tel: 01922 628961 x 201\u00a0<\/strong><\/p><\/blockquote>\n <\/p>\n 30 June\u00a02015\u00a0:\u00a075805.doc \u00a0\u00a0\u00a0\u00a0\u00a0 Current Virus total detections:\u00a05\/56\u00a0 Which downloads the same Dridex banking malware as today\u2019s other malspam run of macro enabled word docs\u00a0Bank payment SBP Beauty & Lifestyle hairandhealth.co.uk \u2013 word doc or excel xls spreadsheet malware<\/a><\/p>\n So far I\u00a0have only examined \u00a01 version of this malware, but previous campaigns over the last few weeks have delivered\u00a05 or 6 and quite often up to 10 or 12 \u00a0different versions, some with word doc attachments and some with Excel xls attachments. There are\u00a0frequently 5 or 6 download locations all\u00a0delivering exactly\u00a0the same malware. All of these emails use\u00a0Social engineering<\/a>\u00a0tricks to persuade you to open the attachments that come with the email. Whether it is a message saying \u201clook at this picture of me I took last night\u201d and it appears to come from a friend or is more targeted at somebody who regularly is likely to receive PDF attachments or Word .doc attachments or any other common file that you use every day.<\/p>\n The basic rule is\u00a0NEVER\u00a0<\/strong>open any attachment to an email, unless you are expecting it. Now that is very easy to say but quite hard to put into practice, because we all get emails with files attached to them. Our friends and family \u00a0love to send us pictures of them doing silly things, or even cute pictures of the\u00a0children or pets.<\/p>\n Never just blindly click on the file in your email program. Always save the file to your downloads folder, so you can check it first. Most ( if not all) malicious files that are attached to emails will have a faked extension. That is the 3 letters at the end of the\u00a0file name. Unfortunately windows by default hides the file extensions so you need to\u00a0Set your folder options<\/strong>\u00a0to \u201cshow known file types.<\/a><\/p>\n Then when you unzip the zip file that is supposed to contain the pictures of \u201cSally\u2019s dog catching a ball\u201d or a report in word document format\u00a0that work has supposedly sent you to finish working on at the weekend, \u00a0you can easily see if it is a picture or document\u00a0& not a malicious program. If you see\u00a0.EXE or .COM or .PIF or .SCR\u00a0at the end of the file name\u00a0DO NOT<\/strong>\u00a0click on it or try to open it, it will infect you.<\/p>\n With these malformed infected word, excel\u00a0and other office documents that normally contain a vba macro virus, the vital thing is do not open any office document direct from your email client or the web.<\/p>\n Always save the document to a safe location on your computer, normally your downloads folder or your documents folder and scan it with your antivirus. Many Antiviruses do not natively detect vba\u00a0 macro-viruses in real time protection and you need to enable document or office protection in the settings.<\/p>\n Be aware that there are a lot of dodgy word docs spreading that WILL infect you with no action from you if you are still \u00a0using an out dated or vulnerable version\u00a0of word. This is a good reason\u00a0to update your office programs to a recent version and stop using office 2003 and 2007.<\/p>\n Many of us have continued to use older versions of word and other office programs, because\u00a0 they are convenient, have the functions and settings we are used to and have never seen a need\u00a0to update to the latest super-duper version. \u00a0The risks in using older version are now seriously starting to outweigh the convenience, benefits and cost of keeping an old version going.<\/p>\n I strongly urge you to\u00a0update your office software
\nBe very careful with email attachments.<\/p>\n![\"\"](\"https:\/\/web.archive.org\/web\/20150703045542im_\/https:\/\/ir-uk.amazon-adsystem.com\/e\/ir?t=myonlinesecurity-21&l=ur2&o=2\")