Oops! You got caught.
You have just opened a Word file with the name invoice.doc and activated the macros contained in this document by clicking on the status bar «Activate editing» and «Activate content». This activation could have infected your computer with malware.
In an email from an unknown webshop you were informed that an invoice had not been paid and you were threatened with debt collection. The invoice was allegedly attached.
You could have easily seen through this particular attack based on the following points:
- You never ordered anything from CH-Shops because this company doesn't exist
- You were also prompted to open a file and above all to execute macros in the file. This is unusual and a clear indication that there may be malware in the file.
Note: This attack was part of an awareness training program. No data was transferred and no malware was installed.
Preventing the attack – Tips
Just clicking on a link in an email can put you and SQS at risk. Be wary of all e-mails that arrive in your inbox:
- Be suspicious: How does the sender know your address and why are you receiving the e-mail?
- Check the plausibility.
- Don't just click on links – check first, then click.
- Never enter your password on unknown websites.
- If in doubt please contact the Service Desk, Tel. +41 58 710 35 88
Cyber criminals use a good story to try to get their victims to open an infected attachment in which they have placed their malware.
Currently, attacks with so-called «Ransomware» are increasingly being observed. Once the malware has been activated, it encrypts the data of its victims and access to its own data is blocked. This is followed by a ransom demand. Such malicious software can often spread throughout the corporate network and cause very serious damage.