Get Started
Feb 6, 2023

Phishing Emails with OneNote Attachments Infect Users with Remote Access Malware

Abstract Technology Dark Red Background. Cyber Attack, Ransomware, Malware, Scareware Concept phishing

Microsoft's OneNote is a popular note-taking application that allows users to create and organize notes that can include text, photographs, and multimedia. Notes can be grouped into notebooks and sections, which can then be shared and collaborated on by others.

However, hackers are now making use of the program to send out spam emails with harmful OneNote attachments.

This malspam, also known as malware spam, pretends to be DHL shipping alerts, invoices, ACH shipping documents, and mechanical drawings.

Why is OneNote vulnerable to malicious virus installations?

A program's repetitive operations can be automated using macros, which are a series of instructions the software follows. Word, Excel, and other Office applications frequently employ macros to automate activities in the Microsoft Office environment. However, Microsoft disabled macros by default within OneNote, which allowed threat actors to launch scripts to spread malware.

How are hackers sending viruses through OneNote?

BleepingComputer states, “OneNote allows users to insert attachments into a NoteBook that will launch the attachment”. As a result, hackers are utilizing this situation by inserting malicious viruses that, when double-clicked, instantly download the malware to a user's machine.

Once the virus has been downloaded, it can cause a variety of system disruptions, allowing hackers to:

  • Steal files and passwords
  • Make screenshots
  • Record videos using webcams


Make sure you pay attention to emails that seem suspicious.

  • Reduce the Number of Links Clicked and Attachment Downloads

It simply isn't safe to click on links that come in random emails. Make careful you only click links from trusted, expected sources and when they are not a sales pitch or an attempt to collect your personal information.

  • Keep a Safe Sender's List up to date

No matter how modern, expensive, or glitzy your spam filter is right now, it won't always keep unwanted mail out of your inbox. Take a time to block any spam email that you notice slipped through your filter to prevent it from happening again. In addition, be careful only to open emails from contacts who have been verified.

  • Encrypt Your Email

Email security starts with encryption. Simple-to-use one-click email encryption tools protect users' communications from prying eyes while sending. Additionally, users will be able to read and send encrypted communications directly from their mobile devices, saving both battery life and bandwidth by not having to save the content locally.

Our job is to help companies create more unified business functions, improve customer service, and utilize technology to move forward. Chicago-experienced IT consulting experts will make your technology work for you and keep you from spending endless, frustrating hours managing your business IT. Managed IT is when the Infiniwiz team proactively takes care of all the IT headaches and hassles for you…So you can get done on your “to-do” list – like growing the business! If you have any questions, feel free to contact us!

Technology Insights

Best ways to support small business IT

Best ways to support small business IT

Small businesses form the backbone of our economy, contributing to job creation, innovation, and community...
Read More
Navigating the Complex Landscape of AI in Cybersecurity

Navigating the Complex Landscape of AI in Cybersecurity

In today’s digital age, artificial intelligence has continued to evolve and integrate into various business...
Read More
Types of Cyber Attacks and How to Avoid Them

Types of Cyber Attacks and How to Avoid Them

Cyber attacks on businesses from all industries and sizes can result in devastating financial and...
Read More
chevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram