Derek – Page 8 – WindowsTechs.com

Many more random invoices – word RTF doc malware

Posted on March 2, 2016 by Derek

Last revised or Updated on: 2nd March, 2016, 8:23 AMA series of emails with multiple subjects, all concerning invoices, all coming from random senders, companies and email addresses with a malicious RTF word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. A very high proportion of these are blowing straight past spam & … Continue reading → Continue reading Many more random invoices – word RTF doc malware→

Tesco Bank Interest Rate And Tax – phishing

Posted on March 1, 2016 by Derek

Last revised or Updated on: 1st March, 2016, 12:43 PMThere are a few major common subjects in a phishing attempt. Lots of them are either PayPal or your Bank or Credit Card, with a message saying some thing like : Urgent: Your card has been stopped ! There have been unauthorised or suspicious attempts to log in to your account, please verify Your account has exceeded its limit and needs to be verified Your account will be suspended ! You have received a secure message from < your bank> We are unable to verify your account information Update Personal Information Urgent Account Review Notification We recently noticed one or more attempts to log in to your PayPal account from a … Continue reading → Continue reading Tesco Bank Interest Rate And Tax – phishing→

March Invoice – JS malware – Locky ransomware

Posted on March 1, 2016 by Derek

Last revised or Updated on: 1st March, 2016, 12:03 PMThe locky ransomware emails covering a wide variety of subjects are coming in thick and fast today. The latest is an email with the subject of March Invoice pretending to come from random names, companies and email addresses with a zip attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking credential stealers, which may include cridex, dridex, dyreza and various Zbots, cryptolocker, ransomware and loads of other malware on your computer. They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope … Continue reading → Continue reading March Invoice – JS malware – Locky ransomware→

Delay with Your Order #200C189B, Invoice #37811753 sales manager – JS malware – Locky ransomware

Posted on March 1, 2016 by Derek

Last revised or Updated on: 1st March, 2016, 11:42 AMAn email with the subject of Delay with Your Order #200C189B, Invoice #37811753 [ random numbered] pretending to come from Random names, companies and email addresses with a zip attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking credential stealers, which may include cridex, dridex, dyreza and various Zbots, cryptolocker, ransomware and loads of other malware on your computer. They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The alleged … Continue reading → Continue reading Delay with Your Order #200C189B, Invoice #37811753 sales manager – JS malware – Locky ransomware→

Buchung/Rechnung DH80RK – JS malware – Locky Ransomware

Posted on March 1, 2016 by Derek

Last revised or Updated on: 1st March, 2016, 11:26 AMA German language email with the subject of Buchung/Rechnung DH80RK pretending to come from Nurflug.de <info@nurflug.de> with a zip attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking credential stealers, which may include cridex, dridex, dyreza and various Zbots, cryptolocker, ransomware and loads of other malware on your computer. They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: Nurflug.de <info@nurflug.de> Date: Tue 01/03/2016 10:11 Subject: Buchung/Rechnung … Continue reading → Continue reading Buchung/Rechnung DH80RK – JS malware – Locky Ransomware→

Eset antivirus and Eset Smart Security blocks Google

Posted on February 29, 2016 by Derek

Last revised or Updated on: 29th February, 2016, 10:58 AMThere is a false positive detection by Eset Antivirus and Eset Smart Security this morning Just about every Google search comes up with the message. These include links via Google to guaranteed safe sites like Microsoft and Eset themselves It has been reported as a false positive and hopefully a new definitions update will be pushed out urgently and quickly ESET NOD32 Antivirus Threat found Access to the web page was blocked. Show URL Access to the web page was blocked. http://www.google.co.uk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=7&ved=0ahUKEwiCvazv2pzLAhWJRhQKHW4CCv8QFgg9MAY&url=http://answers.microsoft.com/en-us/windows/forum/windows8_1-performance/32-bit-application-fails-to-start-after-81-upgrade/b825723e-e2a2-4c8f-bd1f-10446a5d7059&usg=AFQjCNEMBOsiyDrA7yaR_b9wN2RsjijxIQ&sig2=QlW4VGgFNlDrT6sHngrwdA&cad=rjt Threat: HTML/Refresh.BC trojan ▪ %learnmore_txt% ▪ %reportbad_txt% Proceed to the siteGo Back Screen shots look like All Antivirus and security software do give false detections at times. This one is … Continue reading → Continue reading Eset antivirus and Eset Smart Security blocks Google→

Your Order has been despatched from Harrison – excel xls spreadsheet malware

Posted on February 26, 2016 by Derek

Last revised or Updated on: 26th February, 2016, 2:45 PMAn email with the subject of Your Order has been despatched from Harrison pretending to come from warehouse | Harrison <warehouse@harrisonproducts.net> with a malicious Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: warehouse | Harrison <warehouse@harrisonproducts.net> … Continue reading → Continue reading Your Order has been despatched from Harrison – excel xls spreadsheet malware→

Active Discount Transaction – 60126092105029/1 – Lloyds Bank plc – word doc malware

Posted on February 26, 2016 by Derek

Last revised or Updated on: 26th February, 2016, 11:20 AMAn email with the subject of Active Discount Transaction – 60126092105029/1 pretending to come from Lloyds Bank plc <supplier.finance@lloydsbanking.com> with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: Lloyds Bank plc <supplier.finance@lloydsbanking.com> Date: … Continue reading → Continue reading Active Discount Transaction – 60126092105029/1 – Lloyds Bank plc – word doc malware→

Corporate Direct (Europe) Ltd Invoice/Credit Note Attached – corpteluk.com – word doc malware

Posted on February 26, 2016 by Derek

Last revised or Updated on: 26th February, 2016, 2:53 PMAn email with the subject of Corporate Direct (Europe) Ltd Invoice/Credit Note Attached pretending to come from Sharron Blevins <Blevins.Sharron04@corpteluk.com> (These are actually random names at corpteluk.com) with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email … Continue reading → Continue reading Corporate Direct (Europe) Ltd Invoice/Credit Note Attached – corpteluk.com – word doc malware→

Scanned Invoice – word doc malware

Posted on February 25, 2016 by Derek

Last revised or Updated on: 25th February, 2016, 4:30 PMAn email with the subject of Scanned Invoice pretending to come from random names and email addresses with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. It looks like these criminal gangs are distributing Dridex in the mornings this week and switch to Locky ransomware in the afternoons They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size … Continue reading → Continue reading Scanned Invoice – word doc malware→