As if we didn’t know that ransomware was bad news — we learned just how big of an epidemic this stuff is becoming with the WannaCry attack earlier this month. The scope of this particular attack was truly astonishing, reaching hundreds of thousands of users in over 150 countries worldwide. From a security perspective — we have to learn from attacks like WannaCry in order to help prevent or mitigate them in the future. And even though WannaCry seems like it may be in our rearview mirror now, cyber criminals are incredibly creative and always looking for a new angle for the next big attack. One of the angles we’ve recently observed, and seems to be making a comeback is an attempted attack sent through email that asks the user to “enable macros.”
Highlighted Threat: This particular threat attempts to convince the recipient to “enable macros” or “enable content” in order to launch an attack.
The Enable Macros phishing attack uses a few different steps and techniques to try and gain the recipient’s attention and ultimately launch an attack. In this particular example, the first step the attacker takes is to send an intimidating email to the recipient that would seem to be from an authoritative department — it just so happens that the address is forged. This email also contains an attached Microsoft Office document. Interestingly, the sender isn’t looking for a reply, but rather for the recipient to open the attached file. To make the message appear important, they forged the sender’s address to make it look like it was coming from an authority.