Lawrence Abrams reports:
To stay safe online, everyone needs to recognize malicious attachments that are commonly used in phishing emails to distribute malware.
When distributing malware, threat actors create spam campaigns that pretend to be invoices, invites, payment information, shipping information, eFaxes, voicemails, and more. Included in these emails are malicious Word and Excel attachments, or links to them, that when opened and macros are enabled, will install malware on a computer.
Before Word or Excel executes macros in a document, though, Office requires you to click on the ‘Enable Editing’ or ‘Enable Content’ buttons, which you should never do.
Read more on BleepingComputer to see actual examples of attempts. Looking for materials to share with your employees as part of their awareness and training on avoiding phishing? Do look at this article.