Security News Cerber Ransomware Spreads via Fake Credit Card Email Reports

[LASER_oneXM]

.... 'dangerous' Christmas in this year....

.....some quotes from the artcle above:

Just in time for the Christmas holiday shopping spree, the group behind the Cerber ransomware has launched a spam campaign that uses fake credit card reports to trick users into opening a Word file that under certain circumstances will download and install the deadly Cerber ransomware.

The email's clever design is obvious because it plays on everyone's fear of getting billed for items they haven't purchased.
The email uses a sense of urgency to trick victims into opening a password-protected Word document that contains instructions on how to cancel this operation.
The usage of password-protected files is because most banks send customers password-protected files, but also because email scanning systems and anti-malware products can't open to scan the email's attachment.

Once users allow the macro script to execute, it's game over, as in a matter of seconds, the macro runs a PowerShell script that downloads and installs the Cerber ransomware, which immediately starts to encrypt the user's files.