How to Protect Your Email: Email Attacks Currently HIGH

Email Security

There is a new fresh email spam/malware campaign currently out that is targeting Microsoft Office, Microsoft Windows and it that dates back to 2000. This vulnerability, CVE-2017-11882, was fixed in 2017, but unpatched systems are still vulnerable and being exploited today. This attack allows for running malicious code without the users’ intervention. The infected file will download multiple different types of files and connects you to the bad guys. Microsoft sent out warning of this email campaign on Friday, June 7th, 2019.

How does it work

The attacker will email with an attachment and hope that the receiver will open the attachment. The attachment will come as a Microsoft Excel document, a Word document, or RTF document (.doc, .xls, .rtf) and once opened will run the malicious code on your system.

The documents will look blurry, and you will be prompted to enable content to view the content better. Once allowed, that’s when it strikes.

The payload for this specific campaign is known as a backdoor Trojan which gives the bad actors access to your computer remotely, and they can install anything and everything they’d like.

Once infected, the attackers will install key logging software on your system, and other software in order to steal your passwords, and logins. They will steal sensitive information including credit cards, social security numbers, pictures, and any other personal information they can take.

If you have already installed and applied (including a reboot) the November 2017 Microsoft patch, you’re already protected and do not have to worry about this email campaign. This is one of multiple times this exploit has been used in other email/spam campaigns over the last couple years.

How do I protect myself

There are many ways you can protect yourself from this attack, and many other email spam attacks and malicious code. The key to protect yourself is by keeping everything up to date, and keeping good antivirus software on your system.

  1. Install Microsoft updates on both Windows (7, 8, 10) and Microsoft Office (2010, 2013, 2016, 2019).
  2. Install Antivirus software on your system with good email protection.
  3. Having safe email and web browsing habits.
  4. Keep difficult passwords, and not simple ones. (A simple password would be “Password1”)

 

Install Microsoft updates

Installing Microsoft updates can be done through your start menu under “Microsoft Update”, or it could be under “Windows Update” depending on the age of your operating system. Once you have selected one of the two options, you can then perform all of your updates. Bring your system fully up to date.

Antivirus Software

Antivirus Software is one of the key items on protecting your system. All 4 of the items are important, but Antivirus software is an easy way to add some automated detection to your system, and allow your system to passively protect you. Make sure your Antivirus software is also turned on and enabled, and fully updated with new definitions.

This will allow you the highest chances of detecting websites and email that is malicious. Unfortunately, Antivirus software is not 100% and there is still always a chance you can get infected through brand new infections/malware called “Zero days”. This is why all the items above are important.

=====>Click here for my reviews on Antivirus software<=====

 

 

 

Safe email and web browsing habits require many key fundamentals

  • Don’t open attachments you aren’t expecting
    • This is because someone you know could be infected as well, and sending these viruses to you
  • Do not click on links that go to suspicious websites.
  • Do not provide usernames and passwords

Difficult password

There are different methodologies on keeping difficult passwords, I will go over some basics

  • Include a Capital letter, Number, and a Symbol in your password
  • The longer your password, the more difficult it will be to brute-force.
  • Try not to use a password of a keyword about yourself. (Last name, Family member names, Pet names, Favorite colors, etc)
  • Finally, my favorite is to try to make a key pass phrase (3 words together), somewhat random, that is long. Example: KitchenBabySoda9! This makes your passwords significantly more difficult to guess. (Decades instead of hours/days/weeks to break into)

How do I know if I’m infected

There is no easy way to know if you are infected by the virus (or any virus for that matter), but many indicators may be:

  • Slow computer (not just old)
  • Random Ads and popups
  • Weird files showing up on your system
  • Files that no longer work (encrypted)
  • Weird emails being sent from your email address (in sent items)

Remediation

In the event you do get infected, it is better to contact a professional to remove the viruses, and then to get a good virus protection that you trust to help prevent it in the future. Due to the nature of viruses and malware, it is always highly recommended wiping your computer (saving your data of course) and reinstall your applications. Sometimes you can also get lucky and antivirus software can take care of the majority of the infection.

If you have any additional questions on what to do, feel free to leave some comments below, or contact me directly and I will attempt to assist.

=====>Click here for my reviews on Antivirus software<======


 

Although Microsoft has detected elevated spamming campaigns over the last few weeks using this specific vulnerability, there is always a risk of spam and viruses through email. Keep safe by protecting yourself in the ways above, and keep alert when opening emails and other websites. There will always be a new attack and/or malware to worry about, until next time.

If you have any questions, you disagree or want to add anything additional to help others, feel free to post below.

Also, is sure to join my Newsletter!

Please follow and like us:
error

About Don

Don has been in the IT industry for just over 20 years and has been working with Cyber Security for over 10 years. He holds many certifications including CISSP, CEH, and CHFI.

View all posts by Don →

5 Comments on “How to Protect Your Email: Email Attacks Currently HIGH”

  1. I really found this article to be quite useful. I wasn’t aware about the email attacks. Will definitely use the advice.
    Thank you for the post.

  2. Thank you for a very helpful article.

    It is scary how your details can be targeted across the internet and computer software. My emails are constantly bombarded with different scams trying to get me to open something, click a link or download something.

    I do always try to use more sophisticated passwords and two-step authentication where possible.

    1. Marco,
      Thanks for reaching out. If you have any questions about this or another topic, please let me know!
      Thanks again.
      Don

  3. Thank you so much Don on providing such crucial information on protecting our email accounts.

    Great tips on securing our email account and to me it is the most important in my life!

    So Google pls don’t screw this up for me. Lolz

    Great Post!

    1. Winson,
      Google definitely has things well tuned and in order. They seem to be one of the best at security. Thanks for the comments. Please let me know if I can ge of assistance.

Leave a Reply

Your email address will not be published. Required fields are marked *