Opening links and attachments represent a phishing risk
As cybercrime becomes evermore common, it’s safe to say that no company, organization or individual is not in some way exposed to data breaches, malicious email campaigns or other form of cyber theft at any given time.
Indeed, troves of personal data – email usernames, passwords, credit card account information, login credentials and more – are floating around on the dark web. And it’s costing companies: The total cost of cybercrime for each company increased from $11.7 million in 2017 to a new high of $13 million in 2018, according to an Accenture report.
Phishing – when a scammer sends emails to trick someone into giving them personal information – is one of the most common hacking methods, security experts say. The best way to avoid getting hacked is to not reuse passwords and change them often (or use a password manager).
Aside from taking those precautions, here’s one critical piece of advice to follow.
“Be aware of email from outside sources that contains a Word or Excel doc,” says Randy Pargman, Senior Director of Threat Hunting & Counterintelligence at Binary Defense, a cybersecurity firm.
According to Pargman, who used to work at the FBI, that’s likely the most common way people get hacked — with an attached Microsoft Office document.
Microsoft office, recognizing this threat, changed its Office suite of products to have macros disabled by default.
Here’s what happens:
“Usually the malicious Word doc will contain a macro or an embedded script that requires some sort of action on the part of a recipient,” he says. A macro or script is essentially an automation you can use to make certain tasks easier — they’re easy to program. But the critical thing is that they need to be activated.
“That action might be as simple as downloading the file and clicking an ‘enable content’ button,” Pargman said. “Or double-click something that looks like a picture inside the document.”
In both cases, Pargman says, there are often instructions to click or activate something.
“Any document that has instructions demanding the recipient double-click some button should raise red flags,” he says.
Always preview documents in your email client (Gmail, Yahoo) before downloading if you’re unsure. According to Pargman, the document can’t run macros if you’re previewing it online.
What if I already downloaded it?
If you’ve downloaded something suspicious, opened it, don’t fill up the sink and drop your computer in. The whole point of the “CLICK THIS BUTTON” is because the malware or virus needs your participation.
“If you haven’t clicked on anything yet, most likely nothing has happened yet,” Pargman says. “The doc can’t run the script automatically. That’s a protection Microsoft puts into Office.”
If it’s too late, and if someone already clicked the button to enable the content, Pargman says you won’t know if anything has been compromised – the attackers’ access will be invisible.
“They’re not going to see anything else pop up, and no more indications the attacker has installed and has backdoor access,” says Pargman. “If someone has opened up a suspicious doc they should seek professional help — security professionals can tell quickly.”
A good place to start? Your company’s IT department, BestBuy’s Geek Squad, or a local computer specialist.