Here in the last week, both at work and at home, I have seen the following type of email:
This email has every indication of being malicious, with a password protected word document, unsolicited, and with very little details to go on. Let's download this puppy into our virtual machine and check it against just generic Windows Defender built into the machine.
Nothing seems all that unusual. But if you open the file, it really wants you to enable macros and click on them.
Look what happens when you enable the macros and click on the files. A bunch of VB scripts. Are those scripts dangerous? Absolutely.
This virustotal scan was taken nearly one week after the files was emailed to us. Are we brave enough to run the scripts in a controlled environment?