Microsoft alerts users of massive phishing attack: What to do now

Microsoft alerts users of massive phishing attack: What to practice now

(Epitome credit: Getty Images)

Microsoft has warned users about a persistent email phishing threat that targets users with a morbid, coronavirus-related lure and and a leading medical institution's likeness.

COVID-19 email scams have ran rampant since the pandemic started, with bad actors hoping to benefit from heightened fear and internet usage. The one the Microsoft Security Intelligence team is tracking claims to contain an updated death count from John Hopkins, which pioneered coronavirus maps and case tracking efforts.

The best antivirus software nosotros've tested
Everything in that location is to know well-nigh the stimulus bank check

Except, according to Microsoft, the email's Excel attachment doesn't just display a chart with the number of coronavirus-related deaths in the US — when opened, the hostile file prompts users to 'Enable Content.'

For several months at present, we've been seeing a steady increase in the use of malicious Excel 4.0 macros in malware campaigns. In April, these Excel 4.0 campaigns jumped on the bandwagon and started using COVID-19 themed lures.May 18, 2020

Once this action is carried out past an unsuspecting victim, the Excel file'southward malicious macros download and install the NetSupport Manager client using a remote access trojan, or RAT.

NetSupport Director'south remote assistants tool then lets a hacker hijack the user's system fifty-fifty execute commands on information technology remotely.

The Microsoft Security Intelligence team issued this alert via Twitter, using a thread to explain that how a number of different dirty Excel files all trace to the same URL.

"The hundreds of unique Excel files in this campaign apply highly obfuscated formulas, but all of them connect to the aforementioned URL to download the payload," Microsoft wrote. "NetSupport Managing director is known for being abused by attackers to gain remote access to and run commands on compromised machines."

Is this email a scam? How to protect yourself

Although the NetSupport Manager tool is useful for chivalrous remote administration, it can exist hands exploited by RAT hackers.

If a bad actor accesses your organization through NetSupport Director, your entire computer is compromised. The hacker has the means to control your auto, install files and steal personal data.

Y'all can protect your information and your device with a healthy dose of skepticism. Whenever you receive emails from people outside of your contact list, don't click on whatever internal links and examine the sender's e-mail address.

Malicious addresses often contain misspelled words or random combinations of letters and numbers, too.

It could besides help to install and run some of the all-time antivirus software, not just on Windows but on Mac and Android also. Most of the attacks we've seen in recent months are already well known and will exist detected and stopped by AV software.

Kate Kozuch is a senior author at Tom'due south Guide covering wearables, TVs and everything smart-home related. When she'due south not in cyborg mode, you can find her on an exercise bike or channeling her inner celebrity chef. She and her robot ground forces will dominion the world one day, merely until so, reach her at kate.kozuch@futurenet.com.