Well, another day, another scam. This scam is a darn sneaky one.
These cyber criminals are getting smarter. There is a reason why cyber crime is a billion dollar industry. This recent malware threat is unusually smart in the way It impersonates a highly trusted brand name to get a foot in the door.
The target of this campaign recieves a convincing looking email that appears to come from a widely used e-signature platform.
Attached to the email is a blank image that’s loaded with empty svg files, which are carefully encoded inside an HTML file attachment (stay with us here).
This is very clever and it’s tricking its way past a lot of security software (even some of the better ones out there).
That puts businesses like yours at risk. Because code within the image sends people to a malicious URL.
Open the attachment and you could unwittingly install malware onto your device – or even your network – which risks exposing your data and leaving you open to a ransomware attack.
This is why at BlueGrass Technology, we stress that's important to invest into a full technology security stack that includes end user training.
Recently, there’s been a huge wave of HTML attachment attacks on small and medium sized businesses, so it’s clear that companies need to take action to stay ahead of these bad actors.
If you use software to sign documents electronically (like most of us do), please check and double-check that emails are genuine before opening any attachments. We always tell people if you question it you can always ask us to review them, or call the person who sent it. It just takes a few minutes to verify an email.
There’s a reason why the criminals have chosen to impersonate a trusted name such as Microsoft, Amazon, or Google.
Taking things a step further, you could block all emails with this type of attachment, to prevent employees from being exposed to scam emails in the first place.
If you’d like any further advice, or help implementing extra security measures, please let us know. Your can also download this free ransonmware e-book that goes a little deeper into today's threats. https://www.bluegrasstechnology.com/newest-forms-of-ransomware/