Why you need to update Microsoft Word

Office

Microsoft Word is a staple business application. But since so many people use it on a daily basis, hackers work tirelessly to expose and exploit flaws in the system. In fact, cybercriminals stumbled upon a Word vulnerability that puts your sensitive data at risk. Read on to learn more about the exploit and what you can do about it.

The attack
On April 10, cybersecurity firm Proofpoint discovered scammers running email campaigns to trick people into clicking malware-ridden Word attachments. The fraudulent emails, simply titled “Scan Data,” included attached documents that were named “Scan,” followed by randomized digits.

Although the emails seem harmless, clicking on the documents triggers a download for Dridex malware, a Trojan virus designed to give hackers direct access to your banking information. From there, they can simply log in to your online account and make unauthorized transactions under your name.

In 2015, the distribution of Dridex allowed cybercriminals to steal approximately $25 million from European accounts. And if your business fell victim to this malware, there’s a possibility your company might not be able to recover from the loss.

The solution
Fortunately, two days after the discovery of the bug, Microsoft released a security update to disable the dangerous documents, urging users to install the patch as soon as possible. But even though Dridex was inoculated relatively quickly, employees continue to be the biggest problem.

Like most malware attacks, Dridex was distributed via phishing campaigns that preyed on a victim’s trust and curiosity. Hackers added barely any text to the email, yet people were still fooled into clicking on dangerous links.

To make sure Dridex never reaches your company, you must provide comprehensive security awareness training. In your sessions, encourage employees to practice safe computing habits, which include being cautious of online links, setting strong passwords, and avoiding downloads from untrusted and unknown sources.

Much like updating your software, keeping your staff’s security knowledge up to date on the latest threats is also imperative. Ultimately, your goal is to have employees with a security-focused mindset when browsing the web.

Of course, if security training and cybersecurity solutions are not your company’s specialties, you can always rely on a trusted managed services provider like us to protect your business. We can update and secure your systems regularly, and make sure your staff are actively doing their part to reduce security risks. Contact us today!

Published with permission from TechAdvisory.org.

Previous Blogs

What to consider before you buy a new PC

What to consider before you buy a new PC

Purchasing a new computer can be a daunting task, especially if you’re not familiar with its components. You’ll want to make sure you make the right choice so you don’t end up buying one that becomes obsolete within just a few years. How much money should you spend? Which model is the best for you? […]

read more
4 must-know facts about the Cloud

4 must-know facts about the Cloud

Cloud computing has given companies affordable and flexible solutions to deal with rapidly advancing technological demands. However, for the small business owner, there are still many common misunderstandings about using cloud services. Here are a few things some businesses owners misunderstand about the cloud. #1. Cloud infrastructures are unsecure Information security is a necessity for […]

read more
New design upgrades to Microsoft Office 365

New design upgrades to Microsoft Office 365

Office 365 apps like PowerPoint, Word, Outlook, and Excel will be getting upgrades over the next few months. Microsoft expects these new features to boost productivity and overall efficiency of business users. Here’s what they have planned. Simplified ribbon The biggest update is with the ribbon, which is a command bar at the top of […]

read more