Credit Note CN-81553 from Nordstrom Inc (7907) malspam delivers trickbot / dyre banking Trojan

The next in the never ending series of malware downloaders is an email with the subject of  Credit Note CN-81553 from Nordstrom Inc (7907) pretending to come from Accounts <message-service@post.xero.com>  with a random named / numbered  zip attachment  containing a .scr … Continue reading →

Source

Continue reading Credit Note CN-81553 from Nordstrom Inc (7907) malspam delivers trickbot / dyre banking Trojan

credit note from random companies – JS malware leads to ransomware

Last revised or Updated on: 22nd March, 2016, 7:20 AMAn email with the subject of  Credit Note CN-73290 from On Semiconductor Corp for [redacted] (0312)  pretending to come from Accounts <message-service@post.xero.com> with a zip attachment is another one from the current bot runs which downloads some sort of ransomware They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. These don’t look like either Locky or Teslacrypt ransomware so it appears that another gang of bad actors are using the same email templates as the 2 prolific malspammers … Continue reading → Continue reading credit note from random companies – JS malware leads to ransomware