It looks like the summer holidays are over and the malware scumbags are trying out new and different delivery methods to catch us all unawares. This latest one is an email pretending to be a bank transfer notification with the subject of “Re: Payment Swift MT103” pretending to come from sacom@sacom.hk with a malicious word doc RTF attachment delivers formbook. Once again this is a less common method of malware delivery with an RTF file using the CVE-2017-11882 equation editor exploit downloading a msi file to install formbook malware on the victims computer. As usual the email is nothing special but … Continue reading →