As the security industry and end-users become more accustomed to avoiding infected e-mails the cyber criminals have to change their delivery methods, and they do this very quickly.
The main aim of cyber criminals is to make sure their files make it all the way through to the end-user computer as only then will there be a chance of infecting the computer. In order to get past a number of filters and AV scanners we’ve seen an increase of fake, infected office documents being sent as password protected files. Often scanner can’t detect viruses in these files as they are unable to open and scan the file without the password.
The usual rule applies here. Do not open an attachments unless you are expecting it, just because it has a password in the e-mail for the file it doesn’t make it any less dangerous. Even if you are expecting a file and somebody sends the password in the same e-mail you should contact them to ensure this is a legitimate e-mail.
If you receive an unexpected e-mail that doesn’t look quite right, delete it straight away. If you have already opened the attachment and entered the password then please call whoever is responsible for security on your network so the PC can be scanned.
Learn how we can help reduce the number of scam e-mails for your business here.