Cybercriminals keep coming up with new ways to bypass antivirus software and make their illicit activities succeed. A group of criminals has apparently found a way to impersonate different companies in mass emails that carry damaged Word files. Their main objective is to steal Microsoft user credentials in order to extract all your data, and worst of all, these types of threats cannot be identified. How do they manage to evade security controls?
Fraudulent email campaigns are once again a focus for many cybersecurity experts, who warn of the risks if the campaigns achieve their goal: stealing the confidential information of everyone who receives them. It does not end there, because antivirus programs are having trouble identifying whether these messages are fraudulent when you start downloading the file.
As indicated, this is one of the most dangerous situations seen in a long time, and all users who receive this type of email should be alert to possible cyberattacks, since their Microsoft user data could fall into the attackers' hands. Below, we explain how the attackers operate and what you have to do to avoid these attacks.
The cyberattack that evades the security of your antivirus
A North American malware analysis company is investigating one of the most dangerous incidents of recent months. The company, Any.Run, has verified first-hand a new wave of emails containing malicious Word files that are very difficult to detect. Even the most powerful antivirus programs, such as VirusTotal, are not capable of determining whether the content poses a security risk. Those responsible for the study say that all the tests returned “clean” or “item not found”, so the files have successfully escaped security checks.
Specifically, the cyberattack bypasses Outlook spam filters, so the emails arrive directly in the inbox, which increases the privacy risk. To lure victims, the senders impersonate the human resources departments of well-known American multinationals, with a wide range of subjects related to employee benefits and bonuses; employees are the victims of this scheme.
These phishing Word documents are intentionally damaged in a way that leaves them easily recoverable. Once opened, the document asks you to scan a QR code that carries the logos of the impersonated company. When you scan it with your mobile phone, it automatically redirects you to what looks like a legitimate Microsoft account login page, but in reality it is a scam. There you are asked to enter your username and password, which are then stolen.
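A defender can flag the damaged-but-recoverable attachment described above before anyone opens it. The following is an added example, not code from the article or from Any.Run: it relies on the fact that a .docx file is a ZIP container, and the two kinds of damage it tests are constructed samples, not the campaign's actual corruption method.

```python
import io
import zipfile

LOCAL_HEADER = b"PK\x03\x04"       # signature that starts every ZIP member
MAIN_PART = b"word/document.xml"   # main document part inside a .docx

def triage_docx(data: bytes) -> str:
    """Classify the bytes of an attachment named *.docx."""
    intact = False
    if data.startswith(LOCAL_HEADER):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                # Directory must list the main part and every CRC must match.
                intact = (MAIN_PART.decode() in zf.namelist()
                          and zf.testzip() is None)
        except Exception:  # any parse failure means the container is broken
            intact = False
    if intact:
        return "intact"
    # Broken container that still carries Word parts: the "damaged but
    # recoverable" shape the article describes (heuristic, an assumption).
    if LOCAL_HEADER in data and MAIN_PART in data:
        return "damaged"
    return "not-docx"

def sample_docx() -> bytes:
    """Constructed minimal .docx-like ZIP (test input, not a real sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
    return buf.getvalue()

if __name__ == "__main__":
    good = sample_docx()
    cases = {
        "intact.docx": good,
        "truncated.docx": good[:-40],           # end-of-directory record cut off
        "prefixed.docx": b"\x00" * 16 + good,   # junk before the first header
        "notes.docx": b"plain text",
    }
    for name, blob in cases.items():
        print(f"{name:15} {triage_docx(blob)}")
```

An attachment classified as "damaged" is a candidate for quarantine and manual review rather than delivery to the inbox.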
How to protect yourself
At the moment, Spain is one of the countries spared from this type of cyberthreat, but it never hurts to know how to come through unscathed from any situation in which our information is compromised.
One of the first things to keep in mind is that if you receive an email from a stranger in your main inbox, you should block the sender and move the message to the spam folder, although you can also simply delete it. However, it is always advisable to take screenshots in case you did at some point click on the corrupt file and the attackers managed to access your data.
If you notice that your computer starts to slow down, try running the antivirus, and if performance remains lower than normal, you may need to completely restore your PC. You can always make a backup copy of all your photos, videos and files beforehand.