Hackers use multiple strategies to steal data, passwords, or compromise devices. Sometimes they use simple techniques, while at other times they are more sophisticated. In this article we echo a new campaign that uses a simple text document to steal data from its victims. We are going to explain how it works and what you should do to avoid this problem.
A text file can steal your data
A group of security researchers from HP Wolf Security has detected a new malware campaign that uses text files to infect. Specifically, it is a file in the OpenDocument format , which is widely used and compatible with programs such as Microsoft Office, LibreOffice or Apache OpenOffice.
One of the biggest security risks of this type of file is that it tends to go more unnoticed than others, such as a PDF. This makes the victim more trusting and thinks that they are dealing with a document that is really harmless, but it is not harmless at all and can even steal personal data.
It should be noted that it does not use macros first, something that can cause that file to be detected as a threat. Instead, it does use remotely hosted content . This makes it difficult for antivirus engines to detect it.
This threat arrives via email. They usually use messages as a supposed reservation, for example of a hotel. The goal is to appear to be something real and make the victim click and download the text document that is actually fake. In these months, moreover, it is when we make more hotel reservations, since in summer it is when we usually travel the most. This makes it easier for someone to end up clicking through thinking it’s a document sent by a hotel, for example.
Once this file is opened, a message will appear indicating whether or not we want to update the fields of that document . When the victim clicks yes, that’s when the macro is actually enabled. From there it can execute different tasks and steal data.
What to do to avoid this problem
So, what can we do to avoid being victims of this attack that uses a text document or any other similar one? The truth is that it is very simple, since the most important thing is common sense . The attacker is going to need you to click on that file, download it and run it to enable the macros.
Therefore, always avoid opening documents that arrive by email without really knowing who may be behind that email. It may be a scam that aims to steal your passwords, personal data, etc. It is essential to avoid making mistakes of this type and that will help keep you safe.
It is also a good idea to have a good antivirus . This will help detect possible viruses and malware in general that may arrive through the mail or by other means. For example Windows Defender is a good option, but there are many others available.
In addition, keeping the system up to date will help correct vulnerabilities that may exist. Attackers can exploit security flaws in applications or in the system itself. If we install the latest versions we can correct these errors and be more protected.
All in all, here are some tips to avoid email malware. There may be many threats that put your security and privacy at risk.
