Hackers are now using Microsoft “OneNote” files to send malware (either as an email attachment or a download link).
The emails discuss common topics—such as invoices and shipping—and include a seemingly valid reason to download the file. Upon opening the file, the victim will be asked to click on some type of graphic, which activates the malware.
If you do accidentally open a suspicious OneNote document, don’t follow the instructions inside. Doing so could trigger the malware and infect your computer system.
What Malware Is Being Installed
- Ransomware encrypts your computer unless you purchase a key from the extorter. Attackers will also threaten to release private information or photos unless you pay a ransom.
- Trojans allow an attacker to control your computer remotely to issue commands or install software.
- Info Stealers allow a hacker to steal your private data, including passwords and financial information.
How Can I Protect Myself?
Because hackers rely on people being careless, you can protect yourself by taking some basic security precautions:
- Never Click on Suspicious Links
Malicious OneNote files are only executed if they are downloaded. Email attachments should never be downloaded unless you are sure that you know who the sender is.
- Install Security Updates
Always install the security updates for your computer’s operating system as soon as they are available, as well as any other applications you have on your device.
- Back Up Files
Ransomware is less of a threat if all important files are backed up and the back-up kept in a separate location, i.e. not still plugged into your machine (as the ransomware will encrypt that too). It's worth noting that defending against ransomware in this manner doesn't prevent hackers from accessing data and threatening to release it.
- Use Two-Factor Authentication
Remote access Trojans can be used to steal passwords. To defend against this, you should add two-factor authentication to all of your accounts. Two-factor authentication prevents anyone from logging into your accounts unless they also supply a second piece of information such as a code sent to your device. With two-factor authentication activated, your password could be stolen and the thief still won't be able to access your account.
- Use Antivirus Software
Many types of malware will be prevented from running if you have antivirus software installed. Don’t rely on an antivirus as the only line of defense, though, as many malicious OneNote files are specifically designed to get past it.
- Educate Your Staff
All businesses should educate their staff about this threat. Employees need training to know what phishing emails look like and should not be allowed to download attachments.