Club Benefits
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Daily (Mon-Sun)
Tom's Guide Daily
Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.
Weekly on Thursday
Tom's AI Guide
Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!
Weekly on Friday
Tom's iGuide
Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.
Weekly on Monday
Tom's Streaming Guide
Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
Microsoft has warned users about a persistent email phishing threat that targets users with a morbid, coronavirus-related lure and and a leading medical institution's likeness.
COVID-19 email scams have ran rampant since the pandemic started, with bad actors hoping to benefit from heightened fear and internet usage. The one the Microsoft Security Intelligence team is tracking claims to contain an updated death count from John Hopkins, which pioneered coronavirus maps and case tracking efforts.
- The best antivirus software we've tested
- Everything there is to know about the stimulus check
Except, according to Microsoft, the email's Excel attachment doesn't just display a chart with the number of coronavirus-related deaths in the US — when opened, the hostile file prompts users to 'Enable Content.'
For several months now, we’ve been seeing a steady increase in the use of malicious Excel 4.0 macros in malware campaigns. In April, these Excel 4.0 campaigns jumped on the bandwagon and started using COVID-19 themed lures.May 18, 2020
Once this action is carried out by an unsuspecting victim, the Excel file's malicious macros download and install the NetSupport Manager client using a remote access trojan, or RAT.
NetSupport Manager's remote administration tool then lets a hacker hijack the user's system even execute commands on it remotely.
The Microsoft Security Intelligence team issued this alert via Twitter, using a thread to explain that how a number of different dirty Excel files all trace to the same URL.
“The hundreds of unique Excel files in this campaign use highly obfuscated formulas, but all of them connect to the same URL to download the payload," Microsoft wrote. "NetSupport Manager is known for being abused by attackers to gain remote access to and run commands on compromised machines.”
Is this email a scam? How to protect yourself
Although the NetSupport Manager tool is useful for benevolent remote administration, it can be easily exploited by RAT hackers.
If a bad actor accesses your system through NetSupport Manager, your entire computer is compromised. The hacker has the means to command your machine, install files and steal personal data.
You can protect your information and your device with a healthy dose of skepticism. Whenever you receive emails from people outside of your contact list, don't click on any internal links and examine the sender's email address.
Malicious addresses often contain misspelled words or random combinations of letters and numbers, too.
It could also help to install and run some of the best antivirus software, not just on Windows but on Mac and Android too. Most of the attacks we've seen in recent months are already well known and will be detected and stopped by AV software.
