Gmail, Outlook and Hotmail users need to keep an eye out for a dangerous email that is being circulated right now. Security experts at Fortinet are warning PC owners about the nasty new scam that poses a whole host of problems. The message that scammers are spreading is loaded with malware that once executed can not only give cyber crooks remote access to all of the data on a victim’s Windows PC but it will also allow bad actors to use a device’s camera and microphone to secretly spy on them.
The scam begins with the holder of an email account being sent a message that allegedly notifies them about a payment from a trusted source. Users are advised to click on and download a genuine-looking Excel attachment which is usually named “Remittance-Details-951244.xlam”.
However, falling for this trick could prove to be a fatal error as the file in question is loaded with three dangerous pieces of malware.
The bugs included with the Excel file are the AveMariaRAT, BitRAT, and PandoraHVNC trojans which have the capabilities to take over vital parts of a PC.
Users should be advised that a security threat may have been found in the macros that are running in the Excel document. Macros are used by Excel documents to automate actions, which can help you save time on repetitive tasks.
However, if that warning is ignored, the macros, in this case, have been manipulated to kickstart the process of infecting a Windows machine with malware, and enabling them could prove fatal for your device.
Speaking about the threat, Ray Walsh, a digital privacy expert at ProPrivacy, said the new email campaign was a “severe” danger to Windows users.
Walsh also advised that people to consider carefully any unsolicited messages they receive – even if they look genuine, and to make sure their PCs are protected by up-to-date antivirus software.
He said: “It is vital that consumers are on the lookout for phishing emails that could cause them to become infected with three different malware infections.
“This is an extremely severe phishing campaign that is seeking to victimize Windows users with Trojans that give the attacker complete remote control over the infected computer.”
Walsh went on to add: “We urge consumers to keep their devices up to date with reliable antivirus software, consider every single unsolicited message which looks genuine, or emails that evoke an emotional response and call to action.”