Fortunately for Barracuda Essentials for Email Security and Barracuda Essentials for Office 365 users, Barracuda’s Advanced Threat Detection is able to detect this threat, which may become a widely used attack in the near future given its potential for evading detection. While using social engineering to get users to execute malware is always a gamble on the author’s part, in the case of email, just getting the file onto a user’s computer is likely enough to greatly increase the odds that they will also execute it. Additionally, many macro-based malware already count on this by requiring user action to run the macro in exchange for decreased detection by antivirus solutions looking for auto-executing macros.
Jonathan Tanner is a Software Engineer in our Campbell office. Connect with him on LinkedIn here.