Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Phishing campaign via email, abusing Microsoft Office templates to spread malicious code
According to researcher Ariel Davidpur, Operation PhantomBlu uses a very sophisticated exploitation method. Different from the normal NetSupport RAT distribution mechanism, it abuses interference with OLE (Object Linking and Embedding) templates, exploiting Microsoft Office document templates to execute malicious code.
NetSupport RAT is a malicious variant (malicious offshoot) of the legitimate remote computer access tool NetSupport Manager. NetSupport RAT allows threat actors to collect data from compromised devices.
The most common scenario for this attack is to start with a phishing email with the subject 'salary' to trick the recipient into opening the attached Microsoft Word document to view the monthly salary report.
The word file, when opened, will ask the victim to enter the password provided in the email body and allow editing, then double-click the printer icon in the document to view the salary chart.
This will open a ZIP file ("Chart20072007.zip") containing a Windows shortcut file. This file acts as a PowerShell tool that allows NetSupport RAT malware to be downloaded and executed from a remote server. From there, the subject will attack and commit acts of appropriation of property on the victim's device.
To minimize the risk of becoming a victim of such attack campaigns, users should always be vigilant when receiving strange emails, DO NOT access links or download/open attachments in emails IF this email is sent from an unreliable source or the email content has any suspicious elements.
Faced with information about the above international phishing campaign, the Department of Information Security (Ministry of Information and Communications) recommends that people be careful with files sent from unreliable sources or email content. suspect.
'It is necessary to carefully check the sender's email address and the content in the email; Do not arbitrarily click on any attachments or links in emails when you notice anything suspicious. Do not provide any personal or bank account information when requested to declare information from emails, recommended by the Department of Information Security.
In addition, users should use anti-virus software to scan email attachments. At the same time, pay attention to safety issues if using email when connecting to public wireless networks.
Besides, it is also important to note that you should not use one email for many Internet services, especially important services; Regularly change strong email passwords, do not leave default passwords; Set up two-layer security for email to authenticate with your phone so you can recover emails when attacked.
Samuel DanielYou should read it
- 4 things to expect in Microsoft Office 15
- Microsoft Office 16 exposes details in the new series
- Students and students enjoy free Office 365
- Microsoft Office 16 is coming soon
- Buy a Microsoft Office license at a 'bargain' price?
- Let Microsoft Office become more perfect
- Four reasons do not need to upgrade to new Microsoft Office
- Revealed Office Mix Preview, limited to registration
May be interested
- Instructions on how to break columns in Word simply and quickly
presenting text in columns will help your document look like a newspaper or newsletter page, while increasing aesthetics, readability and faster reading speed. this article will guide you how to break columns in word in the simplest and fastest way. - Show you how to create your own shortcuts in Word very simplyusing keyboard shortcuts in word helps you save time when performing mouse operations and achieve better work efficiency. the article below will show you how to create your own shortcuts in word very simply.
- Learn what is Outline in Word and the fastest way to use it?what is outline in word and how to use it always makes us curious. the view outline feature helps users manage the content as well as the structure of the written text in an overview.
- Instructions on how to display lines in Word are extremely simplein this article we will show you how to display lines in word, in the simplest and most effective way.
- Extremely simple instructions on how to fill in blank cells with 0 in Excelwhen working in excel, you may encounter a situation where your spreadsheet has many blank cells and need to fill in values in those cells. don't worry, read the article below to learn how to fill in blank cells with 0 in excel.
- Introducing how to use the CONVERT function in Excel in the most detailwhen working in excel, you may encounter a situation where your spreadsheet has many blank cells and need to fill in values in those cells. don't worry, read the article below which will introduce the convert function in excel to learn how to quickly fill in values into blank cells in excel spreadsheets.
Office information
Warning: Detecting a campaign to spread malicious code GandCrab 5.2 into Vietnam via fake email of the Ministry of Public Security- Microsoft warns of phishing campaigns targeting Outlook Web App and Office 365 users
- Warning: Microsoft and Google Clouds are being abused to launch large-scale phishing campaigns
- Microsoft urgently warns about a phishing campaign that uses malicious Excel macros to hack PCs
- Steps to protect email against malicious threats
Warning: Detecting a campaign to spread malicious code GandCrab 5.2 into Vietnam via fake email of the Ministry of Public Security
Microsoft warns of phishing campaigns targeting Outlook Web App and Office 365 users
Warning: Microsoft and Google Clouds are being abused to launch large-scale phishing campaigns
Microsoft urgently warns about a phishing campaign that uses malicious Excel macros to hack PCs
Steps to protect email against malicious threats