Order 1307605 (Acknowledgement) rick.adrio@booles.co.uk – word doc macro malware leads to Dridex

Last revised or Updated on: 8th March, 2016, 9:56 AMAn email with the subject of Order 1307605 (Acknowledgement) pretending to come from rick.adrio@booles.co.uk with a malicious word doc or Excel XLS spreadsheet attachment  is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: rick.adrio@booles.co.uk Date: Tue 08/03/2016 09:31 Subject: Order 1307605 … Continue reading →