Collaborate Disseminate
This example is today’s latest spoof or imitation of a well-known company, bank or public authority delivering Trickbot banking Trojan. The email with the subject of “Important : please review attached document(s) ” pretends to come from Ll… Continue reading trickbot via fake Lloyds Bank “Important : please review attached document(s) “
We are back to a slightly more complicated or involved Trickbot download campaign today with links in the email to download the word doc instead of attachments in the email. This type of malware delivery campaign does tend to have a much shorter ̶… Continue reading Fake Lloyds Bank FW: Confidential documents delivers Trickbot via complicated download mechanism
OK got a quite strange & unusual PayPal phishing scam arrive today. The scammers either don’t like Microsoft users or can’t work out how to get the scam to work in Internet explorer or Outlook properly. Neither the email or the website… Continue reading PayPal phishing scam using Conditional CSS tricks and Google Captcha
We are back to a more complicated or involved Trickbot download campaign today with links in the email to download the XLS file instead of attachments. This malware campaign delivery method was first mentioned on 22 October 2018 when I missed the onsla… Continue reading Fake HSBC “FW: Account Review” delivers Trickbot
I haven’t seen Dridex banking trojan hitting the UK in absolutely ages. In fact I can’t remember when I last saw one. This is detected as Dridex by some VirusTotal detections but online sandbox analysis aren’t showing typical Dridex S… Continue reading Fake HSBC “Are all above transactions recognisable to you” delivers malware
This example is today’s latest spoof or imitation of a well-known company, bank or public authority delivering Trickbot banking Trojan. The email with the subject of “Overdue Invoice ” pretends to come from Pricewaterhouse Coopers LLP but a… Continue reading Fake Pricewaterhouse Coopers LLP “Overdue Invoice” delivers Trickbot
We are back to a slightly more complicated or involved Trickbot download campaign today with links in the email to download the XLS file instead of attachments. This malware campaign delivery method was first mentioned on 22 October 2018 when I missed … Continue reading Fake Companies House “Company report” delivers Trickbot
After the last couple of weeks of the Trickbot gang playing around with weird & wonderful and slightly more complicated delivery methods, they have today reverted to the tried & trusted formats. This example is today’s latest spoof or imitatio… Continue reading Fake Lloyds Bank “Case Number: 238963BACS” delivers Trickbot
To accompany all the blackmail, sextortion scams we are seeing daily, today we are seeing quite a large blockchain wallet phishing scam designed to steal your digital money. Now this won’t affect a large number of recipients because most of us do… Continue reading Blockchain wallet phishing scam
We have been noticing a change in the malware delivery pattern with Lokibot ( and possibly other malware) over the last few days. Instead of using the more normal Excel file extensions like XLS or XLSX they have started to use .XLAM extensions. Accord… Continue reading Malware using Excel XLAM Excel Macro enabled addins to bypass protections