Stay One Step Ahead of Cyber Criminals

Cyber criminals are always devising new methods to bypass your business’s security systems and trick you into handing over data, money, or both. Their latest tactic involves corrupted Microsoft Word files – and if you're not vigilant, you might fall for it...

#CyberCriminals #CyberSecurity #CorruptedFiles

Beware of That Corrupted Email Attachment: It Could Be a Scam

Picture this: You're browsing through your inbox and spot an important email with a Word document attached. Perhaps it's an invoice, a message from a supplier, or even a request from a colleague. You open it without a second thought... and just like that, you've been scammed.

This scenario is exactly what cyber criminals are banking on. They’ve devised a new method to slip past even the most advanced email security filters – this time, by using corrupted Microsoft Word files.

It's a clever and dangerous tactic.

Phishing (pronounced "fishing") is when scammers attempt to deceive you into revealing sensitive information, like passwords or bank details. They "bait" you with an email that appears legitimate, perhaps from your bank, a co-worker, or a trusted company.

These emails often contain attachments or links. When you open the attachment or click the link, you could be downloading malicious software (malware) or visiting a fake website designed to steal your details.

Phishing attacks are continually evolving and are now one of the most common ways scammers infiltrate businesses. Email security filters are typically adept at scanning attachments. However, since corrupted files can't be analysed properly, the Word file manages to sneak into your inbox.

When you open one of these corrupted files, Microsoft Word will "repair" it and display what seems like a normal attachment. But the document will contain a malicious QR code or link that redirects you to a phishing site (often a counterfeit Microsoft 365 login page). If you enter your details, scammers could gain access to your account – and potentially your entire business.

Stealing just one employee’s login details can be sufficient. With access to your cloud systems, scammers could seize sensitive customer data, lock your team out of essential files, or even send phishing emails from your account to deceive your contacts.

If this happens to you, it could be catastrophic. Your business might face financial losses, legal repercussions, and a tarnished reputation that could take a long time to rebuild.

Cyber attacks are becoming increasingly complex. But you don't need a degree in cyber security to help safeguard your business.

The best protection is awareness and caution.

Here are some steps you can take:

• Slow down and think twice before opening attachments or clicking on links.
• If an email seems urgent, be cautious – scammers often rush you to act without thinking.
• If you're uncertain about an email's legitimacy, verify with the person or company it seems to be from.
• Never trust an attachment or link just because it looks professional.

Most importantly, ensure you and your team are educated about what phishing is, why it's dangerous, and how to recognise the warning signs.

We assist businesses like yours with this every day. If you’d like us to help you too, please get in touch.