As cybersecurity becomes an increasingly important concern and hackers continually carry out sophisticated attacks, businesses of all types should be aware that even the most innocuous-seeming Office applications can be vectors for malicious activity. Just recently, Microsoft’s OneNote was the target of malware-laden files distributed as “innocent” attachments. It is essential that businesses take the time to understand how these types of threats work in order to protect their systems against such attacks in the future. In this article, we’ll take a look at what happened when hackers managed to place malicious code in OneNote attachments, and what you should do if you ever come across any similar kind of attack.
A new phishing method that could concern you
After Microsoft’s bold and laudable move to disable VBA macros in its Office suite last summer, the risk of data hacking and unauthorized access dropped dramatically. That lasted until last month, when cybercriminals unearthed another trick to lure curious and unsuspecting victims: an email containing an attachment with the .one extension, which looks innocent but is in truth destructive malware.
Recently, Trustwave researchers discovered a disturbing new trend in which threat actors are using OneNote documents to distribute the Formbook malware. This information-stealing Trojan has been available for sale on hacking forums since 2016 and is marketed as malware as a service. Formbook can steal data from various web browsers and other applications, as well as log keystrokes and take screenshots or record videos from your computer’s webcam.
Since December, phishing emails containing fake OneNote documents have become more common. Because the attachment looks just like a genuine Microsoft Office .one file, the .one extension does not trigger any warning messages. If opened by mistake, these malicious files can carry out devastating attacks on users’ systems.
How to protect against it?
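The attachment type described above can also be flagged automatically before a user ever sees it. The following Python code is an added example, not part of the original article: it checks every part of an email for a .one filename and for the 16-byte header GUID that opens a OneNote section file, so a renamed file is still caught. The function names, addresses and sample messages are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# First 16 bytes of a OneNote section (.one) file:
# the header GUID {7B5C52E4-D88C-4DA7-AEB1-5378D02996D3} as stored on disk.
ONE_MAGIC = bytes.fromhex("e4525c7b8cd8a74daeb15378d02996d3")

def find_onenote_attachments(raw_message: bytes):
    """Return [(filename, reason)] for each part that is named or shaped like a .one file."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers hold no payload of their own
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        reasons = []
        if name.lower().endswith(".one"):
            reasons.append("extension")
        if payload.startswith(ONE_MAGIC):
            reasons.append("magic")  # content is OneNote even if renamed
        if reasons:
            hits.append((name or "(unnamed)", "+".join(reasons)))
    return hits

def build_sample(filename: str, payload: bytes) -> bytes:
    """Constructed test message; addresses and subject are placeholders."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.com"
    m["Subject"] = "Invoice"
    m.set_content("Please see the attached document.")
    m.add_attachment(payload, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    samples = {
        "genuine extension": build_sample("Invoice.one", ONE_MAGIC + b"\x00" * 32),
        "renamed file": build_sample("report.pdf", ONE_MAGIC + b"\x00" * 32),
        "harmless text": build_sample("notes.txt", b"meeting notes"),
    }
    for label, raw in samples.items():
        print(label, "->", find_onenote_attachments(raw))
```

Attachments wrapped in an archive such as a .zip are not unpacked here and would need a separate check.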
The first step is to verify the source of the email before opening it.
Ensuring that emails and their attachments can be safely opened can save the user frustration and potential disaster. Before opening an attachment, users should always first verify the source of the email. It may be useful to ask yourself a few questions: do you know this sender? Did they provide a brief explanation of the contents of the attachment? Is the email address suspicious, or are there spelling or grammatical errors in the explanation? If any of the answers gives you cause for doubt, refrain from opening the email and its attachment. This simple measure is effective in keeping malware at bay.
The second step must answer a fundamental question: do you expect it?
When it comes to sneaky malware, always ask yourself an important question: do you expect to receive this attachment? Malware can often hide in innocent-looking files that seem safe (as is the case with a OneNote file). If the answer to this question is no, do not open the file, even if the subject of the message or the sender of the attachment is very appealing.
Be extra careful if it’s from an unknown sender or if the tone of the email doesn’t match past communications with them. In these cases, even if you’re tempted to click and open, check with your contact that they sent you something and that it’s safe. After all, when it comes to online security, prevention is better than cure.
The third step is to never ignore a warning message from the system.
Using a computer can be like walking through a minefield: not all dangers are immediately visible and it only takes one wrong step to cause irreparable damage. That’s why it’s essential to heed all the warning messages you receive from the system, whether it’s about an attachment you want to open, a suspicious website you want to explore, or anything else. Even if your intuition tells you that the attachment is harmless and opening it won’t cause any harm, don’t ignore the warning signals from your device. Pay attention to warning signs, as they are often your best defense against malware.
The fourth step is to have an activated firewall and an operational anti-virus system.
Firewalls monitor network traffic, helping to ward off unwanted visitors who might send malware or spyware hidden in attachments. Additionally, an up-to-date antivirus system keeps your computer constantly protected and alerts you when it detects a threat in an attachment, so you can take preventative action before it’s too late. These two simple safeguards are essential to prevent malicious intrusions into your computer via attachments or otherwise.