{"id":319,"date":"2019-04-06T19:33:18","date_gmt":"2019-04-06T19:33:18","guid":{"rendered":"http:\/\/www.syyhoaxanalyzer.com\/?p=319"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T17:00:00","slug":"'Review-my-CV'-Macro-Malware-Email","status":"publish","type":"post","link":"http:\/\/www.syyhoaxanalyzer.com\/?p=319","title":{"rendered":"&#8216;Review my CV&#8217; Macro Malware Email"},"content":{"rendered":"<div>\n<p>In recent years, criminals have repeatedly <a title=\"'My Resume' Malware Emails\" href=\"http:\/\/hoax-slayer.net\/my-resume-malware-emails\/\">used fake resume<\/a> or CV emails as a <a title=\"Bogus Resume Emails Contain Ransomware\" href=\"http:\/\/www.hoax-slayer.com\/my-resume-emails-ransomware.shtml\">means of distributing malware<\/a>. Some earlier versions included the malware in attached .zip files that harboured malicious executable files. \u00a0 <\/p>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HS Net Top Content Responsive --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"4870821038\"\n     data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<p>This version takes a different approach. The email asks you to review the sender&#8217;s CV, which is supposedly contained in an attached Microsoft Word document simply titled &#8216;Resume.doc&#8217;. Given that employers may regularly receive CVs and resumes in Word format, at least a few recipients may go ahead and open the attachment. After all, they may create, open, save, and send &#8216;.doc&#8217; files every day and may, therefore, consider them safe.<\/p>\n<p>But, this Word document includes \u00a0a malicious macro. When you attempt to open the seemingly innocuous Word document, you will receive a message claiming that the document is &#8216;protected&#8217; and you must, therefore, enable macros before the content can be correctly displayed. If you enable \u00a0macros as instructed, \u00a0 \u00a0the malicious macro can then run and proceed to \u00a0download and install other types of malware.<\/p>\n<p>A \u00a0macro is a group \u00a0of commands and instructions that can be collected as a single command in order to quickly and automatically accomplish a task. \u00a0Microsoft Office programs and other types of software allow you to build \u00a0your own macros to create more efficient workflows.<\/p>\n<p>However, macros can also be used maliciously. In the past, macro virus threats were common. Thankfully, later versions of Microsoft Office disabled macros by default thereby lessening the threat posed by macro viruses. But, online criminals are again using macros to trick people into installing malware. Unless you have a specific need to use macros and are aware of the potential risks, you would be wise to leave macros disabled. \u00a0<\/p>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block; text-align:center;\"\n     data-ad-format=\"fluid\"\n     data-ad-layout=\"in-article\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"9162856233\"><\/ins><br \/>\n<script>\n     (adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<p> However, <a title=\"Macro Virus Threat Returns - Beware Emails With Malicious Word Attachments\" href=\"http:\/\/www.hoax-slayer.com\/word-macro-malware-emails.shtml\">malicious macros are again being used<\/a> to spread malware.<\/p>\n<p>In modern incarnations of the threat, criminals do not try to subvert in-built security systems but use simple social engineering techniques to get users to allow the macros to run. The criminals rely on the curiosity of recipients who may proceed without due caution in the hope of finally viewing the promised document content.<\/p>\n<p>Therefore, \u00a0unless you have a good reason to use them and have a sound \u00a0knowledge of the potential risks they pose, it is safest \u00a0to leave them \u00a0disabled by default. Be wary of any \u00a0message that claims that you must enable macros to view or interact with Microsoft Office documents. It should never \u00a0be necessary to enable macros in order to view a simple document such as a CV.<\/p>\n<div class=\"example\">\n<p><b>EXAMPLE:<\/b><\/p>\n<p><strong>Subject: Quick Question<\/strong><\/p>\n<p>Hi<\/p>\n<p>I was visting your website on 1\/28\/2016 and I&#8217;m very interested.<br \/>\nI&#8217;m currently looking for work either full time or as a intern to get experience in the field.<br \/>\nPlease review my CV and let me know what you think.<\/p>\n<p>Thank you for your recommendation,<\/p>\n<p>&#8212;<br \/>\n[Name removed]<\/p>\n<p>Attached file: &#8216;Resume.doc<\/p>\n<\/div>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- Third Content Ad Responsive --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"1909104632\"\n     data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<div align=\"center\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HS Net Bottom AdLinks --><br \/>\n<ins class=\"adsbygoogle\" style=\"display: block;\" data-ad-client=\"ca-pub-0355887770822260\" data-ad-slot=\"1358951439\" data-ad-format=\"link\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/div>\n<p><\/br><\/br> Original Source : <a href=\"https:\/\/www.hoax-slayer.net\/review-my-cv-macro-malware-email\/\" target=\"_blank\">https:\/\/www.hoax-slayer.net\/review-my-cv-macro-malware-email\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In recent years, criminals have repeatedly used fake resume or CV emails as a means of distributing malware. Some earlier versions included the malware in attached .zip files that harboured malicious executable files. \u00a0 This version takes a different approach. The email asks you to review the sender&#8217;s CV, which is supposedly contained in an [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":6890,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-319","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hoax-inggris"],"_links":{"self":[{"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/319"}],"collection":[{"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=319"}],"version-history":[{"count":0,"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/319\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/media\/6890"}],"wp:attachment":[{"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=319"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=319"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=319"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}