Phishing Attack Hackers Have a New Trick

And it’s working.

By Rick Richardson

Cybercriminals are experimenting with a new method of delivering dangerous payloads and employing targeted phishing emails to infect users with malware.

According to a study by Proofpoint, digital OneNote notebooks (denoted by “.one” extensions) are increasingly being used by cyber-attackers to spread malware. OneNote is included in the Microsoft 365 office software bundle and is a widely used piece of software.

MORE TECH THIS WEEK: ChatGPT: What It Is. Why You Need to Know. | Russia-linked Ransomware Back with a Vengeance | Amazon AWS: The Mainframe Killer? | Amazon Launching Its First Internet Satellites | Russian SolarWinds Hackers at It Again | NASA Finds a $10 Quintillion Asteroid | Firms Must Balance Benefits, Risks of Emerging Technology | Microsoft and Google Go to War
Exclusively for PRO Members. Log in here or upgrade to PRO today.

OneNote documents are rarely misused in this manner, according to cybersecurity professionals, and there is only one clear reason attackers are experimenting with them: They can more readily avoid threat detection than other attachments. And it seems to be effective.

Posted on March 21, 2023

Rick Richardson

About the Author

Rick Richardson, CPA.CITP, CGMA, is the CEO and founder of Richardson Media & Technologies and editor and publisher of Technology This Week, regularly featured at CPA Trendlines under special arrangement.

See more by Rick Richardson

Technology This Week provides an easy to read digest of the technology that tax and accounting practitioners need to know to better serve their clients. Professionals rely on Richardson to tell them in a timely and informative manner what’s new in technology and how it will impact their business and personal lives. Subscribers also have access to the entire library of prior issues with an easy-to-use search.

With all of the news sources available today, it's next to impossible to keep up with what's new in the world of technology. Technology This Week is a 20-minute read designed for an average reader rather than the technologist. Richardson had a 28-year career in technology with Ernst & Young, the last twelve years of which he served as National Director of Technology. He has been named to the "Technology 100" – the annual honors list of the 100 key achievers in technology in America. He has also been honored by the American Institute of CPAs with two lifetime achievement awards for his contributions to the profession in the field of technology. In 2012, Rick was inducted into the Accounting Hall of Fame by CPA Practice Advisor Magazine. He has also been named to the 100 most influential individuals in the accounting profession in America by Accounting Today magazine. He is a sought-after speaker around the world, providing his annual forecast of future technology trends to thousands of business executives, professionals, community leaders, educators, and students.

Click here for more by Rick Richardson

TO READ THE FULL ARTICLE

Continue reading your article with a CPA Trendlines Pro membership.