we have noticed a massive dispatch of computer viruses via email from a criminal organization that improperly identifies itself as an apparently legitimate MORIS sender.
Attached is typically a .doc or .docx file that contains a virus, not always identified by the protection programs.
Unlike similar attacks, the Italian grammar is perfectly correct, the sender appears legitimate and therefore the attack is particularly dangerous.
How to recognize this type of email as fraudulent:
1) the type of attachment: MORIS does not send .doc, .xls, .gz files to its customers, but typically PDFs. If we send you different formats that you weren’t expecting from us, always ask us for confirmation
2) the sender’s name looks legitimate, but the e-mail address is not. For example, the sender can be Davide Caprioli <firstname.lastname@example.org> <email@example.com>
What you have to do if you have opened the file:
1) immediately disconnect your PC from the network, so as not to spread the infection.
2) contact your IT technical assistance immediately for a suspected infection.
What are the best practices to prevent infections and damages to your data:
1) schedule the backups of emails and important files on a different medium than the PC itself or on a separate local network.
2) install an antivirus and keep it updated.
3) never open non-PDF files that you weren’t waiting for. Always ask yourself whether a file has reason to be transmitted in .doc format; have you ever received offers or order confirmations in formats other than PDF?
4) even PDF files can be risky: if you find a link to another site inside them, don’t click, but close the file;
5) keep your operating system updated and install security updates when required.
Unfortunately, this refined attack is independent from our will and did not originate from our systems. We trust that this notice and these tips will help you to protect yourself.
MORIS Italia Srl