Trickbot delivered by “Internal only” email with macro Excel attachments

A slight change to the Trickbot malware delivery campaign in the UK this morning. They are not actually imitating, spoofing or pretending to be any well-known company, business or Government department. Instead they have registered a generic domain using one of the new TLDs, “internal.delivery”. In my opinion almost all the new TLDs should be automatically blocked at the network perimeter. Very few of them are of any use at all, with the vast majority only being used for malware, phishing and scams. This example is an email with the subject “Internal only” coming from “Administrator@internal.delivery”, which is a generic address that