New Malware Threat Activates by Hovering Over Link

What happened?
A new security threat allows malicious software to be installed on computers running Microsoft Office. The target users receive an email with a Powerpoint attachment. If they click to open the attachment the link “Loading…Please wait” appears.  When they hover over the link the malware installs automatically if they are using Microsoft Office 2007 or earlier.

What can you do to protect yourself?
More recent versions of Microsoft Office such as those in use at FIT will block the malware and show a Microsoft pop-up with a “potential security concern.” If you receive this pop-up, you are urged to click “Disable.” Choosing any other option will allow the malware to install.  

If you are running older versions of Microsoft Office on your home computers, you may get Office 365 for free as a current FIT student or employee.

How does it impact the FIT community?
FIT computers are currently running Microsoft Office 2016. If you are using Office 365 or accessing Office online, you are also protected from this latest threat as long as you pay very close attention to all pop-ups and security messages. Remember, click “Disable” on the Security Notice window to prevent external programs from running automatically.

Where can you get more information?
Engadget
PC Magazine

About Cybersafe
The Division of Information Technology is dedicated to informing the community of the latest cybersecurity threats. Visit fitnyc.edu/cybersafe and stay tuned for emails from [email protected] for the latest from the Cybersafe campaign at FIT.

Be aware—and be cybersafe!

Questions? Comments? Email [email protected] or call 212 217.HELP (4357).