Collaborate Disseminate
After a short break for about 1 week, we are seeing Trickbot hitting the UK again this morning with its usual massive malspam campaign. This example is an email containing the subject of “Company tax credits ” pretending to come from HMRC … Continue reading Fake HMRC Company tax credits email delivers Trickbot
Nothing exceptionally special about this malware campaign delivering Pony / fareit trojan. An email with the subject of “Urgent Order for october Shipment needed” pretending to come from AL-HASSANA TRADING LTD <info@al-hassana.com>… Continue reading Urgent Order for october Shipment needed delivers Pony / Fareit
Once again I never saw any Trickbot targeting the UK today but have received a US targeted version this evening. This example is an email containing the subject of “FW: Payroll schedule ” pretending to come from Deloitte but actually coming… Continue reading fake Deloitte FW: Payroll schedule delivers Trickbot
It looks a bit like we are on for a Manic Monday today. The last couple of weeks have been pretty slow malware wise in UK, but that all looks like it is changing today with a slow, steady onslaught of the typical daily malware that we have not seen muc… Continue reading Fake Purchase Order email delivers Remcos RAT
We are starting this Monday Morning with a Lokibot campaign being delivered via malicious word docs, actually RTF files using CVE-2017-11882 Microsoft equation editor exploits. I am seeing various email subjects. I have received 2 of each version so … Continue reading Lokibot campaign 17 September 2018
A slight change to the Trickbot malware delivery campaign in UK this morning. They are not actually imitating, spoofing or pretending to be any well known company, business or Government department. Instead they have registered a generic domain using o… Continue reading trickbot delivered by Internal only email with macro excel attachments
I didn’t see any Trickbot targeting the UK directly today but have received this Canadian version later on this afternoon UK time. This example is an email containing the subject of “I have securely shared file(s) with you” pretendin… Continue reading trickbot delivered via macro excel spreadsheet fake KPMG FY18 Q4 Personnel and Direct Costs email
Another quite different extortion, blackmail, phishing scam this morning. It is primarily aimed at French speaking users although it was received to an email address used by an English speaker. It comes from what purports or pretends to be a debt reco… Continue reading Fake PayPal Debt recovery email – Extortion, Blackmail, scam and Phishing
A bit of a change with the Trickbot delivery system this morning in UK. They are using macro enabled XLS spreadsheet files instead of the usual word docs. This example is an email containing the subject of “September 2018 Payroll Timetable”… Continue reading Trickbot delivered by fake PWC September 2018 Payroll Timetable using excel macro spreadsheets
This example is an email containing the subject of “WebFiling Authentication Code” pretending to come from Companies House but actually coming from “web-filing@companiesshouse.co.uk” which is a look-a-like, typo-squatted or oth… Continue reading Fake Companies House WebFiling Authentication Code delivers Trickbot