Users are advised to exercise caution with links and attachments received from unknown contacts or file-sharing platforms (such as Box and DropBox)
Researchers from anti-malware software vendor, Malwarebytes Labs have identified a new phishing attack that uses fake COVID-19 surveys in Microsoft Word documents to deliver ransomware. To evade detection, the attackers have uploaded the Word documents to file sharing services, such as Box and DropBox. They then use the share functionality to distribute the documents, rather than sending them via email. This helps evade any security that the end-user or organization may have in place. This attack currently is targeting staff in the education sector in Canada using the COVID-19 pandemic as a call to action, but it may spread to other countries and sectors.
As with any email based threat, powersolution.com recommends users and organizations educate themselves and others on these continuing threats and tactics to reduce victimization. Users are advised to take preventive measures including:
- Exercise caution with links and attachments received from unknown contacts or file-sharing platforms
- Confirm the email’s legitimacy via a separate means of communication
- Navigate directly to authentic vendor websites
- Keep applications up to date
- Enable multi-factor authentication where available.