Microsoft will help OneNote users resist phishing attacks launched by malware. The Microsoft 365 roadmap shows that Microsoft will introduce “protection for known high-risk phishing file types” by April 2023.
“When users open or download embedded files in OneNote, we have added enhanced protection. When a file is considered dangerous, users will receive a notification to improve the file protection experience in OneNote on Windows.”
It is reported that attackers have recently frequently used OneNote to distribute malware, now they attach malicious VBS files to OneNote notebooks, and hide them behind a box to make them look legitimate, victims are asked to double-click to view the document, at which point the malware will run, taking control of the camera screenshotting, recording video, installing trojans stealing cryptocurrency wallets and sensitive information etc.