A slightly interesting and unusual malware delivery to report first today. First we note the spelling mistake in the subject line “Purchase Oder”, then the body content when the email is delivered to the prospective victim. Please read the entire post especially the bit lower down about the probable compromised DNS settings. I am convinced Godaddy has a major hole in their dns server settings allowing criminals to add a subdomain to a genuine site or even redirect the entire site without the knowledge of the site owner. If you look at this post from before Xmas 2018, you can … Continue reading →