Threat alert: New malware attacks from Excel files
Got an Excel attachment in your email? Double-check it before downloading – it could be infected with malware.
In its 2021 Q4 Threat Insights Report, HP’s Wolf Security service detected a dramatic 588% surge in computer and network malware infections involving Excel add-in files that end in .XLL.
Double-clicking these attachments or links opens Excel, which then prompts the user to install and activate the add-in. These particular malware attacks don’t require the user to exit Excel’s Protected View and enable macros.
Prevent Excel malware sneak attacks
The HP Wolf Security report offered three different options for organizations to protect themselves from .XLL malware attacks:
- Have IT configure your firm’s email gateway to block inbound messages that have .XLL attachments. Some email gateways already do this because .XLL files are dynamic link libraries, a type of file not typically sent by email.
- Configure Excel to allow only add-ins from trusted publishers. From the File menu, click on Options, then select Trust Center and click on the Trust Center Settings box to the right. Trusted publishers, locations, documents and add-in catalogs are the top options in the Trust Center menu.
- Configure Excel to disable all proprietary add-ins. This can be done under “Add-Ins” in the Excel Trust Center Settings.
Free Training & Resources
Webinars
Provided by Insightsoftware
White Papers
Provided by Personify Health
White Papers
Provided by Anaplan
Further Reading
Non-bank financial institutions are facing a double whammy, courtesy of the Consumer Financial Protection Bureau (CFPB). A new federal...
Companies know that clients prefer doing business with environmentally responsible partners. If a company is doing something to reduce plas...
Because your A/P staff is so good at keeping important bills paid, it unfortunately makes them a prime target for payment fraud email campa...
Cybercriminals have zeroed in on finance, where every click can move real money. In fact, 79% of companies experienced an attempted or actu...
Is there a single business in the U.S. that’s resisted raising prices since early 2020? Good luck finding one. But there’s a fi...
To keep your ACH payments flowing smoothly, Nacha advises businesses to update financial institution routing number validation tables at le...