March 8

0 comments

Craigslist password protected email danger – How to avoid the malware

By Christopher G Mendla

March 8, 2018

Windows 10

Last Updated on January 19, 2020 by Christopher G Mendla

I received an email that appeared to be a response to a craigslist posting I made. The email said to open the Word document with the supplied password for the contact information. As soon as I saw that I pictured the goofy robot with it’s arms flailing saying “Danger Will Robinson. DANGER, DANGER”, or the weird fish guy saying “It’s a trap!!”. Here is how to identify these traps.

There were a number of obvious clues that this was not a legitimate email.

  • Why would anyone put their contact information in a password protected document?
  • The wording of the email was not that of a native English speaker.
  • The body of the email was not text, it was an image. This helps the email evade anti malware tools that protect your email.

If a document is encrypted virus scanners cannot determine that it carries malware because they cannot read the contents until it is decrypted.

NEVER enter a password given for a password protected MS Office document or PDF file unless you are absolutely sure of the identity of the sender. Opening such a file could allow it to execute malicious code.

In order to infect a user, the following has to happen:

  • The receiver needs to try to open the attached .doc file with Microsoft word
  • The receiver needs to enter the correct password
  • Macros must be enabled in Word.

I don’t use Word on my Windows 10 laptop, I use Libre Office. Even so, I would be leery of opening the document. I switched to a Ubuntu (linux) machine and opened it there. A message pops up telling you to enable macros to view the document.

This is how the body of the email appeared.

Craigslist password protected Word Document malware
Craigslist password protected Word Document malware

This Post has some technical details about the malware trap

Craigslist password protected Word Document malware DANGER
Craigslist password protected Word Document malware DANGER

Christopher G Mendla

About the author

A web developer living in Southampton, PA

Self motivated critical thinker and problem solver providing technology consulting services.

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}