
Conquest Graphics' Tech News

Cybersecurity Alert - Very clever ransomware attack.

Date: 01/26/2016
From: Richard Stovall (IT/Development)
To: Everyone
Subject: Cybersecurity Alert - Very clever ransomware attack.


This example was seen this morning, and represents a clever way to lure victims into opening a malicious spreadsheet.

You receive an e-mail stating that your January statement of account is ready for download. Seems reasonable, right? We’ve all got statements of one kind or another that come every month.

But…

Once you start examining the e-mail, you don’t recognize the name Schoville as one to which you owe anything. The sender is also odd - Danielle Overmeyer? Who the heck is that? And what kind of e-mail address from a legitimate creditor starts with wa75795195?

If you haven’t deleted the e-mail already (which you absolutely should have), your suspicions are definitely raised beyond normal to full-blown paranoia.

If you move on to checking the download link provided by hovering over it, you discover something surprising. It’s www.google.com! It’s got to be safe! Google wouldn’t attack you!

No, Google wouldn’t. But look carefully at the entire URL and you realize all the attacker has done is give you a link to a Google search that will find his site and its malicious content. In this case, a weaponized Excel spreadsheet.

Lots of screenshots follow. First is the actual e-mail.

Cybersecurity Ransomware #1

If you had clicked the link and downloaded the spreadsheet (all of which is uber-suspicious, right?), you would have seen our old friend (enemy, actually) asking you to enable macros in the spreadsheet.


Cyber Security Ransomware #2

Since you would never, ever enable macros (also called “content” on some other versions of Office) on any file you receive randomly from the Internet, you’d be safe. You’d close Excel, delete the spreadsheet and e-mail, and go on about your business.

However, someone who did enable macros in the spreadsheet would have all their personal files encrypted by Cryptowall, one of the more prevalent ransomware viruses, and would have to pay a ransom of around $500 to get them back. Below is a redacted view of what is shown once the damage is done.


Cybersecurity Ransomware #3

If there’s ever a doubt, delete. Delete with extreme prejudice. And always feel free to ask questions.
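The trick described above, a link whose host really is www.google.com but which is only a search that leads to the attacker's site, can be checked for mechanically. The following is an added example, not part of the original alert: a mail-filter heuristic that pulls the links out of an HTML message body and flags any that are search queries rather than destinations. The function names, the endpoint table (which goes beyond the Google case in the alert by also covering Bing) and the sample message are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

# Assumption: search endpoints to treat as indirect links (site -> path, query parameter).
SEARCH_ENDPOINTS = {
    "google.com": ("/search", "q"),
    "bing.com": ("/search", "q"),
}

class _Links(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def search_site(host):
    """Return the SEARCH_ENDPOINTS key this host belongs to, or None."""
    host = (host or "").lower().rstrip(".")
    for site in SEARCH_ENDPOINTS:
        # Exact match or true subdomain only, so google.com.lookalike.example fails.
        if host == site or host.endswith("." + site):
            return site
    return None

def flag_search_links(html_body):
    """Return (url, search terms) for each link that is a search, not a destination."""
    parser = _Links()
    parser.feed(html_body)
    findings = []
    for href in parser.hrefs:
        parts = urlsplit(href)
        site = search_site(parts.hostname)
        if site is None:
            continue
        path, param = SEARCH_ENDPOINTS[site]
        terms = parse_qs(parts.query).get(param)
        if parts.path.rstrip("/") == path and terms:
            findings.append((href, terms[0]))
    return findings

# Constructed sample message body (not the e-mail from this alert).
SAMPLE = """<p>Your January statement is ready.
<a href="https://www.google.com/search?q=example+statement+download&amp;hl=en">Download</a>
<a href="https://www.google.com/">Google home</a>
<a href="https://www.google.com.lookalike.example/search?q=x">Mirror</a></p>"""

if __name__ == "__main__":
    print(flag_search_links(SAMPLE))
```

A flagged link is not proof of malice, only a signal that the trusted hostname says nothing about where the reader will end up; the lookalike host in the sample would need a separate allow-list or reputation check.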

