SI
SI
discoversearch

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor.  We ask that you disable ad blocking while on Silicon Investor in the best interests of our community.  If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.
Pastimes : Computer Learning
 Public ReplyPrvt ReplyMark as Last ReadFilePrevious 10Next 10PreviousNext  
Recommended by:
goldworldnet
Honey_Bee
locogringo
N. Dixon
To: FJB who wrote (96563)5/12/2017 5:05:36 PM
From: SI Dmitry (code monkey)4 Recommendations   of 110652
 
I think you are referring to some of the exploits used by the virus once it is executed. But how it gets executed is a matter of a bit of social engineering. It is sending out at least 5 million phishing e-mails an hour now from botnets. This is how the virus/trojan/ransomware primarily spreads:

You receive an e-mail with an attached PDF, quite possibly from someone you know. The PDF instructs you to click on an attached (macro-enabled) Microsoft Word document (“.docm” file extension).

The attachment then opens in Word. In Word, it provides a “friendly” instruction template telling you how to view the content of the “protected” message. But this template is the document, not an instruction from the operating system or Word itself. And what these instructions are really telling you how to circumvent default settings in Microsoft Word that disable macros, (called “protected mode”). People who take these actions are actually allowing the Trojan to execute.


Report TOU ViolationShare This Post
 Public ReplyPrvt ReplyMark as Last ReadFilePrevious 10Next 10PreviousNext  

HomeMailHotSubjectMarksPeopleMarksKeepersSettings
Terms Of UseContact UsCopyright/IP PolicyPrivacy PolicyAbout UsFAQAdvertise on SI
© 2026 Knight Sac Media.  Data provided by Twelve Data, Alpha Vantage, and CityFALCON News