Not long ago, criminals pushing the Dridex banking Trojan were using Microsoft Excel documents spiked with a malicious macro as a phishing lure to entice victims to load the malware onto their machines.
Even though macros are disabled by default inside most organizations, the persistent hackers are still at it, this time using XML files as a lure.