The SANS Internet Storm Diary is reporting that the Emotet botnet, that was taken down earlier this year by worldwide Co-operation of law enforcing has started to show up again on their monitoring.
This botnet distributes malicious packages via email attachments and then deploys these packages using the macro functionality in Microsoft Excel spreadsheets and Word documents and password protected zip files containing a Word document.
Your first line of defence is not to allow any Office macros to run on your system – and to ban them across your organisation. If this is not possible then tightly control the sources of macros you are prepared to trust – examine the risk carefully.
Your next defence is to run staff training educating everyone in the cybersecurity threat that can enter your organisation via a simple email. At Smart Thinking we run a highly effective online training session consisting of a seminar and then a follow-up question and answer session that is targeted at the needs of the particular organisation we are working with.