Microsoft will soon offer users better protection against phishing attacks that push malware using its OneNote program.
The company made this announcement in a new Microsoft 365 roadmap entry named “Microsoft OneNote : improved protection against known high risk phishing file types.” Its description reads:
“We add enhanced protection when users open or download an embedded file in OneNote. Users will receive a notification when the files deem dangerous to improve the file protection experience in OneNote on Windows.”
Microsoft said that this feature would likely reach general availability by April 2023.
This development comes after cybercriminals recently started exploiting OneNote as a way to infect a victim’s PC with malware and steal their sensitive data. Instead of using macros, which Microsoft is now blocking in Office documents by default, threat actors are now attaching malicious VBS files to a OneNote notebook. To hide them and make the OneNote document look legitimate, they will hide the files behind a box that asks the victim to double click to view the document properly. This, however, introduces the malware to the computer.
These malicious programs can take screenshots and record video using the victim’s webcam, and install remote access trojans that can steal cryptocurrency wallets and sensitive information.
While OneNote does warn users that opening attachments could compromise their computer and data, many of them ignore the notification anyway and proceed with launching the file because they trust the source or believe that the document is legitimate.
Even as Microsoft prepares to introduce a security feature to OneNote, it still pays to know how to protect yourself from attacks like this. Do not open unsolicited emails and attachment from people you do not know, and make sure that your security programs are updated to make sure that they can properly detect and remove malware.