Hello companies, stop sending xlsm and html attachments.
-
You have 25000 employees and hundreds of IT staff, yet you send out macro enabled excel files with VBA buttons on them, through email. You send this to every entity which you have done business with in 2017. This one also sent a condescending second email asking us why we didnt respond to the first one.
Then a large university sends us a PO as html attachment, expecting it to be delivered.
Then i hear rumbling from the paper pushers down the hall that I need to do more so these get delivered, after being specifically told to block them to stop targeted phishing/scamming a few months ago.
-
We never win in IT, it is an uphill battle.
-
@momurda how come you don't have some magic box that just converts all of these into PDFs. .
Step up your IT game man!
/sarcasm-off
-
@dustinb3403 I actually was thinking of just this. That would be a great solution, perhaps a FW vendor could do this, take all attachments that arent pdfs send them to some sort of management vm, change them to pdfs, send a notification to recipient. MS Exchange spam mailbox could maybe have this as a feature in the future.
I did send a reply email to one of them saying that print to pdf has been built in to every OS for a decade at least. -
Not a bad idea.
-
Change them to being stored by something like NextCloud or Dropbox while in the process, too.
-
Possibly set an auto-responder on the email server for emails containing these attachments saying something like "Due to security concerns, this email server automatically rejects email attachments with the following extensions: xls, xlsm, xlsx, html.... Please use an acceptable format."
-
+1 to an auto response like Tim_G said. At least that would inform senders about the issue.
