“Can’t view the content? Please click Enable Editing.” SCAM OF THE MONTH


Each month, we highlight REAL examples of tactics criminals are using RIGHT NOW to take advantage of you and your colleagues. We hope this will better prepare you when the next scam hits.

Paulo doesn’t know much about the tax process and generally fumbles though it. One day, Paulo received an email from his local tax agency with an important message about an error in his 2020 taxes. As this was one of his concerns, Paulo panicked and proceeded to pen the attached Word document. The file that opened was blurred out and impossible to read, but the text on the document read “Can’t view the content? Please click “Enable Editing” and “Enable Content” on the yellow menu bar.”

As instructed, Paulo clicked these buttons. The blurred image did not improve but rather Paulo unleashed a powerful malware that took over his computer.

Did you spot the red flags?

  • 1. The supposed local tax agency sent Paulo an email with important tax information. Most reputable tax agencies will not use email to send or request sensitive tax material.
  • 2. The file Paulo opened had unreadable content, prompting him to “Enable Editing” and “Enable Content”

What you should know about this scam

Enable Editing, Enable Content, and Enable Macros are common tactics used in phishing campaigns. The scammer can easily design their malicious attack within a Macro. When their victim clicks on one of these prompts, they are allowing the malware to run, unleashing it on the device.

This particular attack, when enabled, will release Remote Access Trojans, also known as RATs. When activated, the attacker can take control of their victim’s device and steal sensitive information. Consistent with other attacks, these threats are designed to stay under-the-radar, making them more difficult to spot and stop by prevention tools.

This scam is very real and happening as we speak. Cybercriminals are able to purchase the tools to achieve these scams for a low price, and their purchase even includes a customer service support line! Watch for this or similar attacks this tax season and warn friends and family.

There are tools that can help protect you from phishing scams like this, and they just might be part of your current Microsoft subscription. Check out our blog “Advanced threat protection features ideal for email security at RIAs” or contact us for more information.