Consumers need to be aware of a phishing scam that is making the rounds this holiday season.
Microsoft and MasterCard are warning users of a scam that could lead to Cerber ransomware. The scam email is supposedly from MasterCard telling the potential victim that they need to click on an attachment to avoid an unwanted charge.
The email comes with a set of instructions to open the attachment supposedly coming from Microsoft. The attachment is a Microsoft Word document. The instructions are to tell the victim how to deal with the Macro.
The email has a hint of validity as it bears a Microsoft logo. However, the MasterCard component is riddled with typos and punctuation errors.
“There are some social engineering flaws in the attack emails. In our sample, the sender address does not spoof MasterCard or a bank, making it much less convincing. Also, the apparent use of automated code to copy the recipient local-name to the salutation section of the message and the file name of the attached document is a giveaway,” Microsoft wrote.
The email is well crafted in that it uses the actual victims name in a few places. Also, the attachment is password protected which Microsoft’s researchers said it may also make the document appear more legitimate to the target.