Scammers are deliberately distributing corrupted Word files via phishing emails, reports suggest 24 Channels. Email security tools typically scan attachments for threats, flag malicious content, or block access to suspicious files. However, corrupted files are not read by these tools, allowing them to pass through security filters undetected.

How does the method work?

Microsoft Word has the ability to restore such damaged files and make them available to the user. Once the malicious content is restored, it becomes visible to the victim. In the documented case, the corrupted file contained a QR code that redirected to a fake Microsoft 365 login page designed to steal user credentials.

Why is it effective?

Corrupted files continue to run on the victim’s system but are not detected by most antivirus solutions. Even VirusTotal, a well-known malware analysis platform, cannot flag these files as malicious and mark them as “clean” or “not found”.

How do you protect yourself?

To reduce the risk of becoming a victim of this type of attack, experts advise you to be careful when working with email attachments, especially from unknown or suspicious sources. Users should be wary and suspicious of spam messages, relying on common sense as an added layer of protection.