Dynamic word processor documents
Posted: 2017-03-14 20:41:41
G’day, all
A friend of mine sought my opinion about the veracity of an email message purporting to come from a legitimate financial institution. I was not completely happy with the message content, but nor was I sufficiently convinced it was a scam, especially as (unlike with many fraudulent emails) the links were legitimate. So I opened the attached .doc file (in Nisus Writer which proceeded to convert it), having first taken the precaution of ensuring I was disconnected from the Net. Just as well, because here is what I saw. (Don’t worry: this is just a Capture Selection shot taken with Grab, so it’s quite safe to open it. I have edited the image to cover the legitimate name and logo with red rectangles.)
Alarming to see this sort of thing in a word processor document, is it not? The corporate security team at the financial institution has since confirmed that the whole thing is a fraud.
Since I was not online at the time, I have no idea whether the document was actually a dynamic one, transferring data between my computer and who knows where. And I wasn’t about to test it! I’ve since deleted it.
I have never seen such a document before, so I’m now seeking some clarification.
Can a word processor document contain code that automatically establishes a data channel with the Net? Or would that “Loading document…” message just be some sort of prank (a simple textual joke), with no actual behind-the-scenes dynamic import?
If a dynamic file is a possibility, can a Word document do this? Can a pure Nisus document (ie, created and viewed only in Nisus Writer) do this?
Nisus Writer’s conversion engine probably just gives you (more or less) exactly what was in the original document, but one wonders whether it needs to incorporate some sort of security mechanism to alert the user about the existence of an embedded dynamic link and offer the opportunity to abort the conversion and delete the original document.
Most worrying of all, though, is the issue of whether — in the interests of security — one should only ever open email attachments when offline.
I’ve never seen word processor documents as a security risk before, unless of course one deliberately clicked on an embedded link that led somewhere unpleasant. Have I been deluding myself?
I look forward to the Wisdom of the Forum on these issues.
Cheers,
Adrian
A friend of mine sought my opinion about the veracity of an email message purporting to come from a legitimate financial institution. I was not completely happy with the message content, but nor was I sufficiently convinced it was a scam, especially as (unlike with many fraudulent emails) the links were legitimate. So I opened the attached .doc file (in Nisus Writer which proceeded to convert it), having first taken the precaution of ensuring I was disconnected from the Net. Just as well, because here is what I saw. (Don’t worry: this is just a Capture Selection shot taken with Grab, so it’s quite safe to open it. I have edited the image to cover the legitimate name and logo with red rectangles.)
Alarming to see this sort of thing in a word processor document, is it not? The corporate security team at the financial institution has since confirmed that the whole thing is a fraud.
Since I was not online at the time, I have no idea whether the document was actually a dynamic one, transferring data between my computer and who knows where. And I wasn’t about to test it! I’ve since deleted it.
I have never seen such a document before, so I’m now seeking some clarification.
Can a word processor document contain code that automatically establishes a data channel with the Net? Or would that “Loading document…” message just be some sort of prank (a simple textual joke), with no actual behind-the-scenes dynamic import?
If a dynamic file is a possibility, can a Word document do this? Can a pure Nisus document (ie, created and viewed only in Nisus Writer) do this?
Nisus Writer’s conversion engine probably just gives you (more or less) exactly what was in the original document, but one wonders whether it needs to incorporate some sort of security mechanism to alert the user about the existence of an embedded dynamic link and offer the opportunity to abort the conversion and delete the original document.
Most worrying of all, though, is the issue of whether — in the interests of security — one should only ever open email attachments when offline.
I’ve never seen word processor documents as a security risk before, unless of course one deliberately clicked on an embedded link that led somewhere unpleasant. Have I been deluding myself?
I look forward to the Wisdom of the Forum on these issues.
Cheers,
Adrian