Derek – Page 10 – WindowsTechs.com

British Gas VAT Invoice – Quote Ref: ES0142570 – word doc malware

Posted on February 24, 2016 by Derek

Last revised or Updated on: 24th February, 2016, 11:05 AMAn email appearing to be a British Gas vat invoice with the subject of VAT Invoice – Quote Ref: ES0142570 pretending to come from CardiffC&MFinance <CardiffC&MFinance@centrica.com> with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: … Continue reading → Continue reading British Gas VAT Invoice – Quote Ref: ES0142570 – word doc malware→

Bank of America Invoice Attached – word doc malware

Posted on February 22, 2016 by Derek

Last revised or Updated on: 22nd February, 2016, 4:59 PMAn email Appearing to be a Bank of America Invoice or statement with the subject of Invoice Attached coming from admin@mastershell.ru with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: … Continue reading → Continue reading Bank of America Invoice Attached – word doc malware→

Rechnung Nr. 88971 vom 15.02.2016 pretending to come from your own email domain – word doc malware

Posted on February 22, 2016 by Derek

Last revised or Updated on: 22nd February, 2016, 1:49 PMI have only seen 1 copy of this malware so far today which is an email written in German language pretending to be from an ADVANCED COURIER with the subject of Rechnung Nr. 88971 vom 15.02.2016 pretending to come from Volker Maier <MaierVolker8742@malware-research.co.uk> ( I think it is probably a random name at your own email domain) with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very … Continue reading → Continue reading Rechnung Nr. 88971 vom 15.02.2016 pretending to come from your own email domain – word doc malware→

Invoice FEB-51829253 – word doc or excel xls spreadsheet malware

Posted on February 19, 2016 by Derek

Last revised or Updated on: 19th February, 2016, 1:51 PMAn email with the subject of Invoice FEB-51829253 ( random numbers) pretending to come from random names and email addresses with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The name of the alleged sender matches the name of the Accounting … Continue reading → Continue reading Invoice FEB-51829253 – word doc or excel xls spreadsheet malware→

Rechnung Nr. 2016_131 lfw-ludwigslust.de – JS malware

Posted on February 19, 2016 by Derek

Last revised or Updated on: 19th February, 2016, 10:20 AMAn email with the subject of Rechnung Nr. 2016_131 pretending to come from fueldnerB9@lfw-ludwigslust.de with a zip attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking credential stealers, which may include cridex, dridex, dyreza and various Zbots, cryptolocker, ransomware and loads of other malware on your computer. They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: fueldnerB9@lfw-ludwigslust.de Date: Fri 19/02/2016 10:04 Subject: Rechnung Nr. 2016_131 … Continue reading → Continue reading Rechnung Nr. 2016_131 lfw-ludwigslust.de – JS malware→

Our new Order – fake PDF malware

Posted on February 19, 2016 by Derek

Last revised or Updated on: 19th February, 2016, 9:47 AMAn email with the subject of Our new Order pretending to come from Benalin CO LTD <jkt-genmbox@benline.co.id> with an executable file that is named to look like a PDF file attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking credential stealers, which may include cridex, dridex, dyreza and various Zbots, cryptolocker, ransomware and loads of other malware on your computer. They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. Note the … Continue reading → Continue reading Our new Order – fake PDF malware→

MTC Hof – MTC GmbH Per E-Mail senden: Rechnung-54-110090.xls – excel xls spreadsheet malware

Posted on February 18, 2016 by Derek

Last revised or Updated on: 18th February, 2016, 11:56 AMA German language email with the subject of Per E-Mail senden: Rechnung-54-110090.xls ( random numbers) pretending to come from MTC Hof – MTC GmbH <mtc-hof@mtc-handy.de> with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The … Continue reading → Continue reading MTC Hof – MTC GmbH Per E-Mail senden: Rechnung-54-110090.xls – excel xls spreadsheet malware→

tracking documents cmsharpscan – word doc malware -Locky Ransomware

Posted on February 17, 2016 by Derek

Last revised or Updated on: 17th February, 2016, 2:01 PMAn email with the subject of tracking documents pretending to come from cmsharpscan3175@gmail.com <cmsharpscan6395@gmail.com> with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: cmsharpscan3175@gmail.com <cmsharpscan6395@gmail.com> Date: Wed 17/02/2016 12:39 Subject: tracking … Continue reading → Continue reading tracking documents cmsharpscan – word doc malware -Locky Ransomware→

random invoices – word doc or excel xls spreadsheet malware

Posted on February 17, 2016 by Derek

Last revised or Updated on: 17th February, 2016, 8:59 AMWe have 2 concurrent runs of malspam this morning both with similar email subjects about invoices pretending to come from random companies with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The 1st email looks … Continue reading → Continue reading random invoices – word doc or excel xls spreadsheet malware→

receipt Accounts – word doc or excel xls spreadsheet malware

Posted on February 16, 2016 by Derek

Last revised or Updated on: 16th February, 2016, 9:53 AMAn email with the subject of receipt pretending to come from Accounts <accounts@aacarpetsandfurniture.co.uk> with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: Accounts <accounts@aacarpetsandfurniture.co.uk> Date: Tue 16/02/2016 08:22 Subject: receipt Attachment: CCE06102015_00000.docm … Continue reading → Continue reading receipt Accounts – word doc or excel xls spreadsheet malware→