A new “zero-day” malware has been discovered in Australia that affects all of Microsoft’s Office 365 products including Word, Excel, PowerPoint and Outlook.
The malware was discovered by the cyber security company Check Point and came in the form of an invoice sent by email. The attack is designed to catch unsuspecting victims according to security analyst Raymond Schippers who said: “The email sent to Office 365 users via Outlook gives the appearance of an invoice in the form of an Office document. When they go to open it, a message will appear telling people the document was created with a previous version of the software, so they will need to click something to enable the content.”
If a user does click on the message it will run ransomware that locks all of their files and in order to unlock them they will have to make a payment of a few hundred Australian dollars. However Schippers strongly recommends against complying and advises anyone who has opened the email to close the document and delete it. Afterwards it will be necessary to restore the computer from a backup if available or entirely reinstall the OS in order to entirely remove the ransomware from the system.
This latest malware could be particularly devastating due to how it is designed to trick everyday users into opening a document that appears to be legitimate. Attachments sent from unknown email addresses should always be viewed with caution and should rarely be opened.
Consistently backing up one’s system is an absolute necessity to prevent the productivity loss that could occur from a malware infection.