Business internet
Direct Internet for
SMEEnterpriseReal EstatePublic SectorChannel
Connectivity products
Direct InternetDiverse Direct InternetManaged FailoverDDoS ProtectionCloud ConnectRapid Install
CybersecurityManaged IT
Blogs & resources
Experts on callEventsFAQsContent & case studies
Get in touch
Back to blogs
Company news

Beware that corrupted email attachment: It could be a scam

June 8, 2022

|

4

min read

Written By:

Highlights

Beware! Scammers are using corrupted Word documents to trick you into downloading malicious software – and it can steal your business data. Here’s what you need to watch out for…

You’re scanning your inbox and spot an important email with a Word document attached. Maybe it’s an invoice, a message from a supplier, or even a request from a colleague. You open it without thinking twice… and just like that, you’ve been scammed.

This scenario is exactly what cyber criminals are counting on. Now they’ve come up with another new way to get past even the most advanced email security filters – this time, using corrupted Microsoft Word files.

It’s a clever and dangerous tactic.

Phishing (pronounced "fishing") is where scammers try to trick you into giving away sensitive information, like passwords or bank details. They “bait” you with an email that looks legitimate, maybe from your bank, a co-worker, or a company you trust.

These emails often include attachments or links. When you open the attachment or click the link, you could be downloading malicious software (malware) or visiting a fake website designed to steal your details.

Phishing attacks are constantly evolving, and they’re now one of the most common ways scammers break into businesses. Email security filters are usually pretty good at scanning attachments. But since corrupted files can’t be analysed properly, the Word file is able to sneak into your inbox.

When you open one of these corrupted files, Microsoft Word will “repair” it and show you what looks like a normal attachment. But the document will contain a malicious QR code or link that sends you to a phishing site (often a fake Microsoft 365 login page). If you enter your details, scammers could have access to your account – and potentially your entire business.

Stealing just one employee’s login details can be enough. With access to your cloud systems, scammers could get hold of sensitive customer data, lock your team out of essential files, or even send phishing emails from your account to trick your contacts.

If this happens to you, it could be catastrophic. Your business could face financial losses, legal consequences, and a damaged reputation that could take a long time to rebuild.

Cyber attacks are getting more complicated. But you don’t need a degree in cyber security to help keep your business safe.

The best protection is awareness and caution.

Here are some steps you can take:

  • Slow down and think twice before opening attachments or clicking on links
  • If an email seems urgent, beware – scammers like to rush you, so you’ll act without thinking
  • If you’re not sure an email is legit, check with the person or company that the email seems to be from
  • Never trust an attachment or link just because it looks professional

Most importantly, make sure you educate yourself and your team about what phishing is, why it’s dangerous, and how to recognise the warning signs.

We help businesses like yours with this every day. If you’d like us to help you too, get in touch.

Get in touch.

Tell us about yourself so we can serve you best.

Got a question?

No items found.

More articles

Insights
December 8, 2025
Leading London: powering the City of London
Read More

This special edition of our Leading London series brings together the partners behind the rollout of the City of London Corporation’s new unified network, a major upgrade designed to strengthen public services and improve connectivity across the Square Mile and beyond.

The panel included:

  • Sam Collins, Assistant Director of Digital and Data, City of London Corporation
  • Chelsea Chamberlin, Chief Technology Officer, Roc Technologies
  • Scott McKinnon, Chief Security Officer, Palo Alto Networks
  • Rhod Morgan, Chief Operations Officer, Vorboss
  • Elliot Townsend, Senior Director, Juniper Networks
  • Christa Elizabeth Norton, Marketing Director, Roc Technologies

Together, they explored how the new network will improve public services, strengthen cyber resilience and support a more connected, future-ready City.

Insights
December 2, 2025
Why a wayleave isn’t always needed for fibre installations
Read More

For many landlords and building managers, the word “wayleave” feels like the responsible route whenever a fibre circuit is being installed on their property. It sounds formal and safe – a neat legal box to tick.  

In many cases, however, a wayleave adds unnecessary complexity and delays, frustrates tenants, and can expose landlords to long-term legal risks.

At Vorboss, we’ve connected thousands of office spaces across London without a wayleave, keeping landlords in full control and getting tenants online faster.

What is a wayleave?

A wayleave is a written agreement between a landowner and a telecoms operator. It gives the operator permission to install and keep equipment on private property.  

What many people don’t realise is that signing a wayleave also activates “Code rights” under the Electronic Communications Code. These rights go beyond simple permission, they give the operator legal powers to stay on the property indefinitely, access it when needed, and even refuse removal of their equipment in certain situations.

For a typical connection into a commercial building in London, a wayleave can make the fibre installation process slower, more expensive, and limit the landlord’s flexibility long term.  

Why a wayleave isn’t required for standard in-building fibre connections

For a standard in-building fibre connection serving a tenant, a wayleave isn’t a legal requirement. Important protections, like building access, fire safety, repairing any damage, and removing equipment, are already covered by the tenant’s lease and usual building rules.

If no wayleave is signed, no Code rights are triggered, meaning the landlord retains full control and the installation exists under a simple, fully revocable licence.

In practice, this gives landlords far more protection and flexibility:

  • No legal lock-in – the telecoms operator has no long-term rights to stay or refuse removal.
  • Landlords keep full control – equipment can be moved or removed when the building changes.
  • Faster fibre installation – no time lost in drafting contracts or solicitor reviews.
  • Happier tenants – connections go live quicker; tenants get to move in faster.

By contrast, signing a wayleave and granting Code rights introduces a complex and expensive legal process for any fibre removal or relocation. This can take at least 18 months, plus potential court or tribunal proceedings, making it slower, and far less flexible for the landlord.

Vorboss Limited is registered in England and Wales at: 10 Exchange Square, London, United Kingdom, EC2A 2BR Company number: 05678571

©2025 Vorboss, All rights reserved

Cookies PolicyPrivacy PolicyVorboss Trust Centre
About
Buy differentCareersAcademyNewsLocationsGlossary
Customers
BusinessEnterpriseCommercial Real EstateRemote support
Partners
Products
10G100GOur Products
Contact us
Call us:
+44 (0) 20 3582 8500
Email us:
hello@vorboss.com

10 Exchange Square, London,
EC2A 2BR

Complaints Policy

Certification no. C2023-03244


ISO 9001:2015
Quality Management System
Certification no. C2023-02886


ISO 45001:2018
Health and Safety Management System
Certification no. C2023-03242


ISO/IEC 27001:2022
Information Security Management System
Certification nos. 23012EMS001, 23012BCM001

ISO 14001:2015, ISO 22301:2019
Business Continuity Management System