
Phishing Attack: Beware of “Corrupted” Word Documents This Holiday Season

As the year draws to a close, a familiar email about your annual benefits or bonus may seem routine. However, beware: cybercriminals are using this time of year to deploy a new phishing scheme. The attack starts when you open an attached Word document, which reports that the file is corrupted but can be recovered. If you opt to recover the content and scan the QR code that appears, you’re led to a fake Microsoft login page that steals any credentials you enter.

This phishing method takes advantage of the fact that the harmful content isn’t immediately scannable within the document, allowing it to slip past antivirus software. While this type of phishing is not new, the technique of deploying it via corrupted Word files is a novel tactic.
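For mail administrators, one defensive check that follows from this is to hold any Word attachment that a strict parser cannot open, since a scanner cannot inspect what it cannot read. The sketch below is an added example, not code from the article; the function name `triage_docx`, the hold/pass policy and the sample files are assumptions constructed for illustration.

```python
import io
import zipfile
import zlib

# Parts a Word-produced .docx normally contains.
REQUIRED_PARTS = ("[Content_Types].xml", "word/document.xml")

def triage_docx(name: str, data: bytes) -> str:
    """Hypothetical mail-gateway check: hold Word attachments that a strict
    parser cannot read, instead of passing them through unscanned."""
    if not name.lower().endswith((".docx", ".docm")):
        return "skip: not a Word OOXML attachment"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            missing = [p for p in REQUIRED_PARTS if p not in zf.namelist()]
            if missing:
                return "hold: missing " + ", ".join(missing)
            bad = zf.testzip()  # reads every member and verifies its CRC-32
            if bad is not None:
                return f"hold: CRC failure in {bad}"
    except (zipfile.BadZipFile, zlib.error, EOFError, RuntimeError) as exc:
        return f"hold: unreadable container ({type(exc).__name__})"
    return "pass: container parses, continue normal scanning"

def build_sample() -> bytes:
    """Constructed stand-in for a .docx: a ZIP with the two required parts."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml",
                    "<w:document>constructed sample</w:document>")
    return buf.getvalue()

if __name__ == "__main__":
    good = build_sample()
    samples = {
        "intact.docx": good,
        "truncated.docx": good[: len(good) // 2],  # central directory cut off
        "bitflip.docx": good.replace(b"constructed", b"c0nstructed", 1),
    }
    for fname, blob in samples.items():
        print(f"{fname}: {triage_docx(fname, blob)}")
```

A held file should go to quarantine for review rather than being delivered, because Word's recovery feature may still open a file that this strict check rejects.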

To protect yourself, the best defense remains simple: avoid opening email attachments from unknown or unexpected senders. If the sender is trusted but the email seems out of character, double-check before proceeding.

Additional safety measures include being cautious of links in emails, unless you initiated the communication. It’s safer to open a new browser tab and navigate directly to the official website, logging in from there.

Switching to passkeys for account access can further safeguard you against phishing attacks. Passkeys are tied to your device, and any attempt to use a copy elsewhere will fail. If passkeys are not available, enable two-factor authentication (2FA) for an extra layer of security.

Lastly, remember that phishing attacks require your active participation. Always pause and ask yourself if something like scanning a QR code in an unexpected Word doc is legitimate—chances are, it’s not.