In the course of a regular day, it is not uncommon to receive regular legit word documents from people via email. However, increasingly we are getting documents pretending to be resumes, and the .doc file contains macros. Our version of Word 2013 treats these as protected documents and the macros do not auto open like the malicious user intended. However, the content of the word document tries to trick our end user into clicking the "allow content" button. Even if they do click, our firewall is blocking the attempted EXE download. However, should the next round of word documents get more clever and change the download into something without an extension (possibly renaming during the download?) then I'd like to investigate the option of preventing Word documents with Macros from coming in through the firewall. Is that possible using a data filter? Corbett.
... View more