Arlen Holder wrote:

Microsoft warns of massive phishing campaign leveraging Excel 4.0 macros
https://www.techspot.com/news/85356-microsoft-warns-massive-phishing-campaign-leveraging-excel-40.html

"We're tracking a massive campaign that delivers the legitimate remote
access tool NetSupport Manager using emails with attachments containing
malicious Excel 4.0 macros. The COVID-19 themed campaign started on May 12
and has so far used several hundreds of unique attachments."

"The emails claim to originate from The Johns Hopkins Center with titles
like "WHO COVID-19 SITUATION REPORT."

I've gotten bunches of emails recently with Excel macro-enabled files
(xlsm) attached. I think I've seen this one, but most of them purport
to be bills from someplace I've heard of but have not done any
business with. NOD32 is doing a pretty good job of weeding them out.

--
Tim Slattery
tim at risingdove dot com