- Stating that they come from TD Bank or a similar institution, and request that you open an urgent attachment by implying your immediate action is required or there is an outstanding payment you will be required to make.
- The email may originate from a contact that is known to you who you frequently email with. In all likelihood, the contact has previously been infected and the virus has spread through their address book. Hence the ability for the virus to spoof their address and send emails to yours.
- In all cases, the email will contain a Word document. If open, the document will display a message that it was “Created in an earlier version of Microsoft Office Word” and prompt you to enable certain features of Word to view it.
As a result, users are advised to use extreme caution with any emails containing Word document attachments.
In some cases, variants of this virus will respond to your replies, posing as the sender and assuring you that the email is safe to open.
How to Protect Yourself?
In a situation like this, it’s always best to proceed cautiously and employ common sense and best practices to avoid getting infected.
- If you recognize the sender of the mail, obtain verbal confirmation (by phone) from the sender before opening any Word document attachments you were not specifically expecting receive.
- Sometimes the sender email addresses can have slight modifications compared to the actual sender’s email. Before opening up an email/Word attachment, place your cursor over the sender’s address. A dialog box should appear letting you see the sender’s address. If you do not recognize it or there are slight changes, do not open the email!
- Any emails containing strong language such as “open this attachment now” or “click here to make a payment” should be treated as suspicious. Chances are your actual contacts will not have this level of urgency or insistence.
- Obtain a strong email spam management and antivirus system. Systems currently protected by Mimecast and Webroot protect against this virus. If you have these recommended products then you need not worry about this particular virus.
The bottom line is any unsolicited email that comes into your inbox that contains a Word attachment should be assumed to contain a virus. This specific Word attachment contains ransomware so when in doubt, do not open it!
For more information on this recent email virus or more information on how to obtain Mimecast and Webroot for your system’s protection. Give us a call at 647-426-1004.
Courtney Rosebush is a Marketing and Sales Coordinator at Triella, a technology consulting firm specializing in providing technology audits, planning advice, project management and other CIO-related services to small and medium sized firms. Courtney can be reached at 647.426.1004 x 227. For additional articles, go to www.triella.com/publications. Triella is a VMware Professional Partner, Microsoft Certified Partner, Citrix Solution Advisor – Silver, Dell Preferred Partner, Authorized Worldox Reseller and a Webroot Reseller.
© 2017 by Triella Corp. All rights reserved. Reproduction with credit is permitted.