It has been a general trend that, as computing power has increased, the world has been made a little easier for many professionals over the years. As the internet empowers users, it also simplifies tasks.
This is as true for the hacker as it is for the professional. Deploying large scale malware attacks and manipulating vast bot-nets is now simply a hard reality, rather than a horrible dream. As such, as the years have passed, macro-malware attacks have increased, both in frequency and potency.
What then, can be done to combat the rise of such attacks?
Macro-malware attacks are limited by their nature; that is to say that in order to operate on a larger scale, a greater degree of simplicity is required. As such, the weapon of choice for the macro-malware distributor is email; tricking users into thinking they’re opening important documents, when in fact they are accomplishing the opposite.
Microsoft has revealed that macro-malware attacks are on the rise, with at least 500,000 machines around the globe currently affected, although the majority of attacks currently take place in the USA and the UK.
Redmond is promoting caution as the best means to ensure that your PC remains unaffected, however this can only ever apply to the individual user. As software security administrators are well aware, armor is only as strong as its weakest link, while the majority will never open such an email, there is always one who will.
If such an event occurs, Microsoft recommends updating in-built Microsoft security software and ensuring that Trust Center setting are configured not to load earlier versions of older versions of Office (many problems stem from older formats). For more information on what can be done to avoid threats, have a look here.
As ever, practicing caution is by far the most effective strategy for avoiding trouble (as it is in most other walks of life).
Have you been affected by email scams? Let us know in the comments below.
Further reading: Cybercrime, Cybersecurity, Microsoft, Security