Last revised or Updated on: 22nd March, 2016, 7:20 AMAn email with the subject of Credit Note CN-73290 from On Semiconductor Corp for [redacted] (0312) pretending to come from Accounts <message-service@post.xero.com> with a zip attachment is another one from the current bot runs which downloads some sort of ransomware They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. These don’t look like either Locky or Teslacrypt ransomware so it appears that another gang of bad actors are using the same email templates as the 2 prolific malspammers … Continue reading → Continue reading credit note from random companies – JS malware leads to ransomware→