For the first time in a long time — in fact, for the first time ever, as far as I know — my company has gone a full three months without one of our employees falling for a phishing scam. I hope I don’t jinx this winning streak by telling you about it.

Last month, I told you about a colleague who had to deal with an outbreak of the ransomware known as “Locky.” We found out that that infection happened when an employee foolishly opened a macro-enabled Microsoft Word document attached to a phishing email. The Word document, which contained Visual Basic code that delivered the malware, came in a phishing scam about an unpaid invoice. More details were purportedly included in the attached Word doc. Because such weaponized documents are a growing threat, I recommend that you block macro-enabled Office files from being delivered through email.

To read this article in full or to leave a comment, please click here