In recent days, all cyber security analysts have been warning us about the newest threat to security, an adware that has been named Fireball. This adware is a browser hijacker--it has the capability to take control of your browsers, track your web usage, and wreak havoc in many other ways. It makes use of tracking pixels to get victims' personal information.
Fireball is bundled with other legitimate software the victim has already agreed to download. It appears as a link to a PowerPoint file in emails. The link is usually to a file named "order.ppsx", "invoice.ppsx", or “order&prsn.ppsx”. Simply hovering your mouse over the link can download the adware into your computers. The emails seem to have the subject line "RE:Purchase orders #69812" or "Fwd:Confirmation", sometimes with an attached zipped file containing the adware.
In a previous Tips & Tricks post, we discussed the content reports of Exchange Reporter Plus. These reports will help you locate emails in your organization that contain the adware links in the content or have the malicious attachments.
Create a custom report by following these steps:
Exchange Reporter Plus fetches the required data and displays it in the newly created report. This way, you can identify emails that are possible carriers of Fireball and warn the employees of your organization.
Need further assistance? Fill this form, and we'll contact you rightaway.