Users are advised to exercise caution with links and attachments received from unknown contacts or file-sharing platforms (such as Box and DropBox)

Researchers from anti-malware software vendor, Malwarebytes Labs have identified a new phishing attack that uses fake COVID-19 surveys in Microsoft Word documents to deliver ransomware. To evade detection, the attackers have uploaded the Word documents to file sharing services, such as Box and DropBox. They then use the share functionality to distribute the documents, rather than sending them via email. This helps evade any security that the end-user or organization may have in place. This attack currently is targeting staff in the education sector in Canada using the COVID-19 pandemic as a call to action, but it may spread to other countries and sectors.

As with any email based threat, recommends users and organizations educate themselves and others on these continuing threats and tactics to reduce victimization. Users are advised to take preventive measures including:

  1. Exercise caution with links and attachments received from unknown contacts or file-sharing platforms
  2. Confirm the email’s legitimacy via a separate means of communication
  3. Navigate directly to authentic vendor websites
  4. Keep applications up to date
  5. Enable multi-factor authentication where available.



How is your state of IT?

Call Us: (201) 493-1414

Related Articles

New Extortion Phishing Scam Circulating
Phishing Campaign Delivers Ransomware to Teachers’ Devices
NJCCIC Warns of Unemployment Scams and Fraud
10 Tips for National Cybersecurity Awareness Month (October 2020)
6 Tips to Secure Your Home WiFi
Email Best Practices
Increase in Emotet Infected Emails
How Businesses Can Securely Work From Home (VPN Guidance)
Reputable highly rated Small Business IT services and tech support company in New Jersey - powersolution industry awards

Looking for a Break-Fix support? We recommend ValueMSP »ValueMSP - Tech Support for Small Business

Scroll to Top