We have seen a dramatic increase in the number of infected attachments coming into client e-mail systems. This includes Exchange Servers hosted on-premises at client sites, Office 365 hosted Exchange mailboxes, and Gmail accounts, too.
Please be extremely careful about opening any kind of attachment (especially Word and Excel files) that comes from someone you don't know, or that looks suspicious in any way, such as typos or bad grammar. Many of our clients have asked us to unblock these kinds of attachments in the Office Trust Center settings (Office 365, Office 2013 and Office 2016) because the blocking made it very difficult to open certain kinds of attachments, but unblocking them also makes it easier for employees to open things they should think twice about.
Typically, a warning pops up when an Outlook user tries to open a macro-enabled attachment, and that warning is meant to make them stop and really consider whether they trust the attachment and the sender. However, over time it becomes easy to just click the 'Open' button without thinking.
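If you are the one who was asked to "unblock" those attachments, here is a way to see what your Office macro settings actually are and to put the safe ones back. This is an added example for this post, not a PJ Networks tool: the registry value names and their meanings are the documented Office Trust Center values, while the function names and the wording of the findings are our own, and the script assumes Office 2013 (15.0) or Office 2016 / Microsoft 365 Apps (16.0) installed per-user on Windows.

```powershell
# Added example (not PJ Networks' code): audit and harden the Office Trust
# Center macro settings this post talks about. Value names and meanings are
# from Microsoft's Office documentation; function names are our own.
#
# VBAWarnings:  1 = enable all macros (unsafe)
#               2 = disable all macros with notification (Office default)
#               3 = disable all macros except digitally signed ones
#               4 = disable all macros without notification
# blockcontentexecutionfrominternet = 1 blocks macros in files carrying the
# Mark of the Web (downloaded, or saved from an e-mail attachment), Office 2016+.

$Apps     = 'Word', 'Excel', 'PowerPoint'
$Versions = @{ '15.0' = 'Office 2013'; '16.0' = 'Office 2016 / Microsoft 365 Apps' }
$VbaLabel = @{ 1 = 'ENABLE ALL (unsafe)'; 2 = 'disable with notification'
               3 = 'disable except signed'; 4 = 'disable all' }

function Get-OfficeMacroPosture {
    # Reads the user setting (what the Trust Center UI writes) and the policy
    # setting (what Group Policy or an admin writes); policy wins when present.
    foreach ($ver in $Versions.Keys) {
        foreach ($app in $Apps) {
            $userKey   = "HKCU:\Software\Microsoft\Office\$ver\$app\Security"
            $policyKey = "HKCU:\Software\Policies\Microsoft\Office\$ver\$app\Security"
            if (-not (Test-Path $userKey) -and -not (Test-Path $policyKey)) { continue }

            $user   = (Get-ItemProperty -Path $userKey   -Name VBAWarnings -ErrorAction SilentlyContinue).VBAWarnings
            $policy = (Get-ItemProperty -Path $policyKey -Name VBAWarnings -ErrorAction SilentlyContinue).VBAWarnings
            $motw   = (Get-ItemProperty -Path $policyKey -Name blockcontentexecutionfrominternet -ErrorAction SilentlyContinue).blockcontentexecutionfrominternet

            # No value at all means Office's built-in default (2).
            $effective = if ($null -ne $policy) { $policy } elseif ($null -ne $user) { $user } else { 2 }

            [pscustomobject]@{
                Application     = "$app ($($Versions[$ver]))"
                UserSetting     = $user
                PolicySetting   = $policy
                EffectiveMacros = $VbaLabel[[int]$effective]
                BlockInternet   = ($motw -eq 1)
                Finding         = if ($effective -eq 1) { 'macros fully enabled: an e-mailed invoice.docm runs with no prompt at all' }
                                  elseif ($motw -ne 1)  { 'attached/downloaded files still run macros after one click on Enable Content' }
                                  else                  { 'ok' }
            }
        }
    }
}

function Set-OfficeMacroPolicy {
    # Writes the hardened values to the per-user policy hive for every app and
    # version. On a domain the Office ADMX templates set the same values
    # centrally; a local write like this is for testing and Group Policy will
    # overwrite it at the next refresh.
    param([ValidateSet(3, 4)][int]$VbaWarnings = 3)
    foreach ($ver in $Versions.Keys) {
        foreach ($app in $Apps) {
            $policyKey = "HKCU:\Software\Policies\Microsoft\Office\$ver\$app\Security"
            New-Item -Path $policyKey -Force | Out-Null
            Set-ItemProperty -Path $policyKey -Name VBAWarnings -Type DWord -Value $VbaWarnings
            Set-ItemProperty -Path $policyKey -Name blockcontentexecutionfrominternet -Type DWord -Value 1
            # Keep Outlook attachments opening in Protected View (the "save the
            # file first" behaviour mentioned later in this post). The value is
            # really spelled "Attachements" in the registry; 0 = Protected View on.
            $pvKey = "$policyKey\ProtectedView"
            New-Item -Path $pvKey -Force | Out-Null
            Set-ItemProperty -Path $pvKey -Name DisableAttachementsInPV -Type DWord -Value 0
        }
    }
}

# Run the audit; call Set-OfficeMacroPolicy afterwards if any row is not 'ok'.
Get-OfficeMacroPosture | Format-Table -AutoSize
```

A row whose EffectiveMacros reads "ENABLE ALL (unsafe)" is exactly the "unblocked" state the clients above asked for: a macro-enabled invoice then runs the moment the file is opened, with no warning for the employee to think twice about. Setting VBAWarnings to 3 keeps signed internal macros working while an unsigned attachment from a stranger cannot run at all.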
The most common version of these malicious e-mails is some kind of fake invoice from an unknown sender. Please be VERY suspicious of those kinds of incoming messages!
If you do not know who the sender is or why they would be sending you an attachment, DON'T OPEN IT! If there is a phone number to call, you can try calling it to see whether it sounds like they are trying to send you a legitimate attachment, but NEVER let someone you don't know connect to your computer for any reason. If you are a client of PJ Networks, you can always forward the suspicious message to your primary engineer to review for you, but fewer than 3% of the messages forwarded to us turn out to be legitimate. That means that in most cases, your intuition that something doesn't look right is correct!
These infected attachments seem to be making it past many e-mail spam and virus filters. The only real way to protect your business is to educate your employees to identify which messages are potential risks. In-house cybersecurity training programs can be expensive and require an ongoing effort to create materials and monitor how effective the training is, so they often end up as a single annual "cybersecurity training session" that employees will forget within a few months, and new employees often do not get properly trained until the next year's session.
There are a number of employee cybersecurity training services available online, such as CyberLookout and KnowBe4, that provide online training portals, quizzes, exams, and even simulated phishing e-mail campaigns that test employee awareness and help employees tell the difference between spam, a scam and a legitimate e-mail. Some of these services will also track employee scores and cybersecurity ratings based on their quizzes, training sessions and results from the simulated phishing campaigns.
If your employer has an in-house cybersecurity training program, that's great - please take full advantage of it! If not, you might recommend that they sign up for an online cybersecurity training program that will help to protect the entire company. Remember the often-quoted statistic that 60% of small businesses that suffer a data breach go out of business within 6 months! In the meantime, just be extra careful when opening suspicious attachments, clicking on links to unfamiliar websites, or turning off security settings in your applications. Those security settings are there for a reason, and if they require you to make a few extra clicks or to save a file before opening it, well, maybe it's worth the inconvenience after all.
Let's be careful out there!
-The PJ Networks Team