Spam and Malicious Email Awareness

Unfortunately we are unable to block word documents as these are used in your day to day business. Opening Malware is causing our mail lists to be sent out, which in turn increases our spam coming in.

Lately there has been an increase in email campaigns run by hackers attempting to get you to open attachments that are infected with viruses and malware. We are taking extra measures to try and limit the amount of these emails that get through our spam filters, but with email spam you can never catch all of them. I wanted to provide a few examples and explain a bit more on how they work to increase awareness throughout the company.

Most malicious email will come in the form of a vague message making some claim that tries to entice you to open up an attachment that is included in the email.
Some of the more common email topics are:
· Fake invoices from random companies that may or may not exist
· Fake unpaid bills
· Fake IRS notifications
· Fake UPS/Shipping Carrier Notifications

Here is an example of a fake invoice email trying to get you to open an infected word document:

Things to look out for:
1. The email address is coming from a domain that does not match the company that the email is claiming to be from. (Note: is different from Metropolitan, An RR Donnelley Company)
2. The attachment name is vague (Infected attachments can take the form of any file type. They can be word documents, excel docuemnts, pdfs, etc.)
3. Call to action enticing you to open the attachment
4. Claiming to be from a random company that may or may not exist. Typically, they will not give you any way of actually contacting them. Usually no phone number/email address

What happens when you open one of these files?
When you open one of these files, Microsoft takes some security measures to attempt to protect you from malicious files.
1. Word documents and excel documents will open first in protected view which will not allow any scripts to run. The file will most likely contain text with directions to disable protected view.

2. If you have disabled protected view, Microsoft makes one last attempt at blocking the virus by disabling macros. This stops any scripts from being able to run in the word document, and on your computer. If you give a malicious files the ability to run macros by hitting the Enable Content button, your computer will be infected. This is the last wall of defense against malicious Microsoft office documents.

This email is intended to inform you and increase awareness about how viruses and malware are spread through email campaigns. The best protection against them is to take a minute to try and determine if the email is one that you are legitimately expecting. If you are unsure, or skeptical it is best to just delete the email, or contact the person or company that sent it to you to confirm that it is legitimate.

In the case that you do accidentally open one of these attachments and give it access to macros, please Disconnect your computer from the network , call us 770-297-4812 and let us know ASAP. We will run a scan to determine what needs to be done.