A:
If you get another Word document from the same IP address, you should
assume it’s the work of a man-in-the-middle attacker.
Whether it is the work of a man-in-the-middle attacker or a script kiddie is debatable. Attackers need to stay one step ahead of IT department
A:
I can see some suspicion of script kiddie here. This is a script-writing kiddie.
Scratching this out to get it up:
What’s the meaning of this?.
It means:
The only reason the script kiddie is scratching this out is because he has a pretty good idea that it’s really easy to do and doesn’t need to go through all of the steps it normally would.
That’s not to say that it’s not a perfectly legitimate attack but it is harder to detect. This also means that if you don’t have the time to verify the script this one might be able to get past you.
This person is hacking me.
It means:
That person has hacked into your computer and is sending you a document. They are probably trying to get you to download something (to get your bank account information, for example).
Unless you have a publicly-visible certificate or properly-protected port then this has no effect. A standard Port 80/443 listener on a firewall will just handle this perfectly fine.
I use a Mac.
It means:
This person is probably going to get you to use a Windows machine. Macs do not have this installed (and some are not able to get this).
This is going to happen if you attempt to download/run the.exe file (or any associated setup that would be on a Windows machine).
He’s trying to distract me with a fake site.
It means:
This person is going to load this website for you to read while you’re trying to download the malware. The malware will redirect you to the fake site once it’s on your computer.
If this is a redirect it should go through your firewall/anti-virus like any other site. You should be able to just ignore the site.
I ac619d1d87
Related links: