Human resource management is the first point of contact to the external network as they need to share email ID to public. People looking for job in that any organization will attach resume and send the same to HR via email. They attached files may be pdf, word, odf,. etc..
Attacker takes this as an advantage, then crafts a word document having macros and sends to HR mail id with the name of resume. Assuming that it is an original job request, the HR person will open it. Boom! the payload inside the macro gets executed and introduces malware to that PC. That said, It's not easy to craft the macro but it is not an impossible job. Execution of payload may depends on the vulnerable office suites, pdf readers, mail clients.. etc. If the PC is running without updates and patches, then it will be very easy to exploit.
- Adding virus scanner plugins in mail client will save from known viruses inside the document.
- Avoid opening mails from sources like .tk,.protonmail ..etc
- Never turn on Macros in document readers
- Updating patches of Office,pdf suites.
I have planned this blog to express my view on Information security and will try to learn/help from/for other security minds. All views expressed here are strictly from personal view. This blog is neither an organization nor affiliated to any organization with respect to the blog posts.
Hi.. Myself Varun Kondagadapa and I am Information Security Specialist having 2+ years of experience in Securing organizations. From startups to MNC I have work experience in all scales of Infra.
Be the first one to comment