14 DAY TRIAL // Preying on the recent attacks carried out by Islamic state extremists, cybercriminals have started a malicious campaign with emails titled “ISIS Attacks in Sydney in 2015” that deliver malware.
The emails carrying the threat contain an attachment that claims to include locations in Sidney that have been marked for terrorist attacks this year. The file is a malicious Microsoft Word document created to funnel in the threat.
The fake message may appear legitimate
To make the message look legitimate, the cybercriminals provided contact details from reputable news outlets in Australia. The phone numbers included are real, but it would be a rare thing for someone to call them before opening the malicious attachment.
It is unclear how the Word document has been tampered with, but the most common method would be to include a malicious macro, with commands to connect to an online server and download and execute a specific file.
Macros are designed to help users automate repeated tasks in Microsoft Word, as well as other components of the Office suite. They are turned off by default as the company has acknowledged that having the feature enabled exposed users who do not need it to unnecessary risks.
However, some users rely on macros massively in their work. For them, there is the possibility to turn on the feature.
It is recommended to delete the message without opening the file
Malware is distributed through Office macros by tricking the potential victim into enabling support for the task automation scripts.
Generally, upon opening the malicious file, a message is displayed informing that the content cannot be displayed because the document had been created with a different version than the one installed on the user’s computer and enabling macros would solve the problem.
Recipients of such messages are advised to discard them immediately and to not open the attachment, regardless of the address of the sender.
Instead, they should verify the news about possible threats made by ISIS terrorists on trustworthy media outlets.
According to Online Threat Alerts, the Australian Police said they had no information about ISIS terrorist attacks targeting locations in Sydney.