1. I've received an unknown Word/Excel/Zip file from a company (I don't know/I know), Why?
Spammers are using a technique called a joe job. This is used by spammers to sends out unsolicited e-mails using spoofed sender data. and typically used by commercial spammers to conceal the true origin of their messages.
The spammers normally get your email address from large lists of "good, active email addresses" via leaked account databases, fake "un-subscribe" links or just generated randomly.
Email "From:" address can be faked, so they look they they can come from anywhere.
2. Where did the email really come from?
Email headers can help show you were the actual email was sent from.
Broomall, United States [220.127.116.11]
Received: from 75-147-72-225-philadelphia.hfc.comcastbusiness.net (75-147-72-225-Philadelphia.hfc.comcastbusiness.net [18.104.22.168])
by plf-01.xxx.co.uk (Postfix) with ESMTP id C5D2A1E530D
for ; Thu, 15 Jan 2015 10:07:28 +0000 (GMT)
From: Invoice from Hexis
Hamburg, Germany [22.214.171.124]
Received: from [126.96.36.199] (unknown [188.8.131.52])
by plf-01.keele.netcentral.co.uk (Postfix) with ESMTP id CC8081E5337
for ; Thu, 15 Jan 2015 10:06:58 +0000 (GMT)
From: Invoice from Hexis
Milan, Italy [184.108.40.206]
Received: from ppp-18-180.20-151.libero.it (ppp-18-180.20-151.libero.it [220.127.116.11])
by plf-01.xxx.co.uk (Postfix) with ESMTP id A0FD81E5304
for ; Thu, 15 Jan 2015 10:07:25 +0000 (GMT)
Subject: Payment request of 1948.78 (14 JAN 2015)
3. Will Word/Excel malware document infected my Apple, Android, Blackberry device?
Currently, iPhone, iPad, Mac, Android, Blackberry and Windows's phone won't be infected,
if you open the Word/Excel documents, as the Macro's inside them either:
a) Won't run
b) If they did run, the downloaded file won't run on the above operating systems
It's worth remembering though, that if use use any of the above devices and foward to a Windows user,
you may end up infecting them.
4. Will Word/Excel malware document infected my Windows pc?
- If you've received the email but not clicked on the Word/Excel document (you should be ok)
- If you've received the email but clicked on the Word/Excel document, you might be ok,
if you have macro disabled (see below post)
- If you've received the email but clicked on the Word/Excel document, it might be worth running
a virus scan (see Online Scanners from top menu)
- If you've received the email but clicked on the Word/Excel document but use
LibreOffice/Openoffice, you might be ok.
5. How do I disable Macros?
In Office/Excel, use the following short cut:
Alt T (and then release)
Make Sure this option at least is selected
Might be worth disabling this option too...