Last revised or Updated on: 9th March, 2016, 1:18 PMAn email with the subject of DOC-AA25400B [ random numbered] pretending to come from admin <adm323@victim_domain.tld> the numbers after adm are random Your own email domain with a zip attachment is another one from the current bot runs which downloads Locky Ransomware They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: admin <adm323@victim_domain.tld> Date: Wed 09/03/2016 12:05 Subject: DOC-AA25400B Attachment: DOC-AA25400B.zip Body content: Totally blank body content Screenshot: NONE These malicious attachments normally … Continue reading →