Scammers attaching banking password-stealing malware to MS Office docs

A "Critical Alert" is issued after banking passwords are stolen through Microsoft Office accounts.

Cybercriminals are attempting to compromise Microsoft Office accounts and steal user passwords, especially those used for banking, by sending malicious attachments claiming to be tax forms or other official documents.

This threat – flagged as a “critical alert” by Barracuda Security Insight, Campbell, Calif.-based cyberfraud defense firm Barracuda Networks new free threat intelligence platform –  resulted from attempts to steal user passwords by using attached to common and trusted file types, such as Word or Excel documents.

“Cybercriminals regularly go after user passwords and credentials; however, we’re continuing to see criminals come up with clever ways to persuade users into sacrificing their sensitive information,” Jonathan Tanner, software engineer at Barracuda Networks, said in a blog reported the research.

Security Insight helps organizations gauge their threat levels, across email, endpoint, network, and web traffic, by examining over 100,000 sources to compile active and emerging in real-time. “One of the reasons we’re excited about the platform is because anyone with Internet access can use it as a way to check in on the different threats that might be lurking around the web,” Tanner said.

 

continue reading »