Microsoft warns: malicious Excel attachments in new phishing campaigns related to the COVID-19 pandemic

Spread the love

In recent days Microsoft has issued, through the official twitter channel of the Security Intelligence division, some warnings related to "massive" phishing campaigns who take advantage of the attention and thirst for information directed towards the COVID-19 pandemic to catch the audience off guard and mislead them.

In particular, Microsoft highlights the email-phishing campaign that started on May 12 and that seeks to exploit the image and authoritative stature of the Jonhs Hopkins Center to spread a self-styled "WHO COVID-19 SITUATION REPORT" via an Excel file.

Inside the file is hiding for a malicious Excel 4.0 macro that downloads and starts a NetSupport Manager Remote Access Tool (RAT). This is a particularly infamous ploy, because NetSupport Manager absolutely legitimate software whose purpose is to help carry out remote technical support.

Always the same Microsoft Security Intelligence then warns of another campaign boasting the possibility of carrying out a "check" or "test" linked to the coronavirus, requesting the user's personal data.

Although these two campaigns are mostly designed for an English-speaking audience, what matters most is spending a few more words are the basic principles. Not the first time we have news of such episodes, and with great probability it will not even be the last.

The phase that the world is going through, with the emotional turmoil triggered by the events following the COVID-19 pandemic, represent the ideal terrain for web scammers. In moments of profound uncertainty like these normal feeling lost, feeling bewildered and apprehensive and living every day with concern: you become more vulnerable to those little things that we believe can give us a little hope, or respond maliciously to a concern and precisely for this makes us let our guard down. It is the exploitation of emotional switches, the basis of social engineering, which moves computer and non-IT scams.

As always in these cases it is good to try not to let your guard down, following the "trust no one" principle, don't trust anyone. We try to consider, for example, an alarm bell whenever an invitation is received to download an attachment or to transmit our personal data, whatever the interlocutor: a little more zeal and distrust can spare us unpleasant consequences. Better safe than sorry, as they say in jargon.


Spread the love

Miner Hashrate

Next Post

Windows Solitaire turns 30, and still has 35 million monthly players

Mon May 25 , 2020
Spread the love        Tweet      The Windows solitaire, also known as Microsoft Solitaire or Microsoft Solitaire in English, he just has turned 30 and, according to what the company said in a celebratory post, it can still boast about 35 million players every month. In addition, over 100 million hands are played […]
Windows Solitaire turns 30, and still has 35 million monthly players

Notice: ob_end_flush(): failed to send buffer of zlib output compression (0) in /home/finappet/public_html/bitcoinminershashrate/wp-includes/functions.php on line 4669