Criminals are currently sending general emails with the subject “Application for your job advertisement”.
This is what such an email looks like:
Ladies and Gentlemen
I found your open job offer on the employment office website.
Based on my many years of professional experience combined with my continuous and independent further training, I am convinced that I will be able to meet the requirements associated with the challenging position to your satisfaction.You will find my application documents attached. Password: 9821
My goal is to use the acquired skills profitably for your company. In addition, I would like to continuously develop myself so that I am always available to your company as a qualified employee.
If you have any further questions, please feel free to contact me. I would look forward to a personal introduction in which I can convince you of my professional knowledge and motivation.
I remain Yours sincerely
What happens when you open the document?
If you open the document, whose password is actually always 9821, you will see a graphic that is supposed to pretend that it is a "coded" document, which can only be read if you activate editing and scripts in Word:
Danger!
By activating the content, a malicious script contained in the document is executed, which installs malware and Trojans on the PC. Kaspersky prevented the script from running:
When we looked at the certificate, we could also see that the script wanted to establish a connection with another computer.
This gives fraudsters the opportunity to directly access the user's computer and install malicious software on it.
How can companies protect themselves?
There are a few steps that can be taken to best protect company networks from such attacks:
- Employees should be trained to open file attachments with extreme caution. If there is any uncertainty, additional employees and colleagues must be brought in.
- A user and an administrator account should be created on company computers. If only the user account is used by default, you can set that any program installation requires approval by the administrator account. Unnoticed installations of programs are therefore impossible.
- The automated execution of 'macros' in Microsoft Word should definitely be disabled and rejected for execution in the event of an unexpected query. These macros can otherwise immediately download Trojans or spyware, for example, and infect systems and company networks.
- Operating systems and programs must be kept up to date. This is the best way to protect systems from various security gaps.
- Externally stored and encrypted backups are just as essential as up-to-date firewalls and virus programs.
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )