A form of malware called Dridex is targeting finance employees at small to midsize companies. The criminals are sending emails with Microsoft Word and Excel attachments. The emails are very targeted and trick the employee into opening the attachment. Once the employee opens the attachment and enables macros the malware infects the computer. It sits on the computer and waits to steals valuable information such as banking login credentials. It can also steal other login credentials to social media accounts etc.
Fujitsu has a very good video on a Dridex Case Study. Worth sharing with clients and colleagues!