Subscribe

Dridex Lures Employees To Open Malicious Docs Via Fake Emails

December 23, 2021

Dridex, banking malware is currently being used to deceive employees into clicking on malicious Excel documents.

The malicious documents were sent to employees via fake employee termination emails.

These emails use the subject line “Employee Termination.” The content informs recipients that their employment will end on December 24th, 2021.

The email pointed out that “this decision is not reversible.” Embedded in the email is an attached Excel password-protected spreadsheet named ‘TermLetter.xls.”

As soon as an employee opens the Excel spreadsheet and enters the password, a blurry “Personnel Action Form” appears, asking them to “Enable Content” to display it properly.

Once activated, the victims receive a “Merry X-Mas Dear Employees!” pop-up message. Unknown to the victims, a malicious HTA file was stored in the C:\ ProgramData folder during the process. HTA contains a malicious VBScript that downloads Dridex from Discord to infect the device.

In order to mitigate this type of attack, users who receive such emails are advised to contact their human resources department or employees before opening the email.

For more information, read the original story in BleepingComputer.

Top Stories

OpenAI brings in Smartly to shape how ads work inside ChatGPT

Quantum breakthrough researchers cut required qubits from millions to thousands

Anthropic coding tool exposes full source code again after packaging error

Cisco breach exposes 300+ repos after supply chain attack

OpenAI cuts Sora with $1M-a-day costs to free up resources for core AI models

AI boom faces new constraint as helium disruption slows chip production

Related Articles

NYC hospital chief says AI could take over some radiology work

April 3, 2026 The CEO of NYC Health + Hospitals says artificial intelligence could replace a significant portion of radiology more...

OpenAI brings in Smartly to shape how ads work inside ChatGPT

April 3, 2026 OpenAI has signed Smartly as its first dedicated adtech partner to refine how advertising appears in ChatGPT. more...

Quantum breakthrough researchers cut required qubits from millions to thousands

April 2, 2026 Researchers from California Institute of Technology and start-up Oratomic have demonstrated a new error-correction approach that could more...

AMD moves to acquire Intel in all-stock deal

April 2, 2026 AMD has agreed to acquire Intel in an all-stock transaction that would combine the two long-time x86 more...

Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.
Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.