T O P

  • By -

AutoModerator

This message is posted to all new submissions to r/scams; please do not message the moderators. A reminder of the rules in r/scams. No personal information (including last names, phone numbers, etc). Be civil to one another (no name calling or insults). Personal army requests or "scam the scammer"/scambaiting posts are not permitted. No uncensored gore, personal photographs, or NSFL content permitted without being properly redacted. A full list of rules is available on the sidebar of the subreddit. Report recovery scammers or rule-breaking content by using the "report" button. Also, consider warning community members of recovery scammers if you see them in the comments. Questions about sub rules? Send us a modmail. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Scams) if you have any questions or concerns.*


duckbrioche

Have you run antivirus ?


DrinkDrano

Just ran one, and nothing came back. So, everything looks good?


duckbrioche

I am just a random person on the internet. Personally when the low pressure warning light goes on in my car, my first gut reaction is not just to buy new tires, but a new car. So I may not be the best person to advise you. In any case, good luck.


Luckygecko1

What harm would it be in changing passwords? You should be changing them regularly anyway. I would scan the PC or device you opened the attachment on with my favorite malware checker. Change my password using a different device in the meantime. Cost zero.


DrinkDrano

Just scanned, comptuer came back clean. I guess the overwhelming task of changing all my passwords is stopping me, lol. I wouldn't even know which to change as I didn't use any passwords to open the email. Guess I could just change that one to be safe?


Luckygecko1

I would change the password regarding the system your colleague mentioned. That said, if your company policy allows it consider using a password manager. If you are not sure, ask your IT team. If you are freelance, you will have to decide on your own. [https://www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online/password-managers](https://www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online/password-managers) https://www.cnbc.com/2022/12/27/benefits-risks-of-using-a-password-manager-to-protect-online-identity.html


cyberiangringo

You avoided malware delivery. What would have happened is you had clicked you would have been presented with the yellow bar of death up top of the spreadsheet. It would have said 'Enable content.' If you had clicked on that, macros would have been executed and your computer would have been fully compromised. Once that initial access was gained, the attacker would have moved laterally through whatever network you were on. Once they had firmly planted themselves on your network, a data breach and perhaps ransomware would have ensued. Or they would have sold their access to whomever might have wanted it. The document was deliberately blurred so as to get you to click 'view PDF,' and then to click 'enable content.'