New BT Online bill malspam delivers Dridex banking trojan

An email with the subject of New BT Online bill pretending to come from BT but actually coming from a different domain btbusiness@bt-europe.com  that can very easily be mistaken for a genuine BT email address is today’s latest spoof of a well-known company, bank or public authority delivering Dridex banking Continue reading → Continue reading New BT Online bill malspam delivers Dridex banking trojan

Fake Your Virgin Media bill is ready malspam delivers Dridex banking Trojan

The next in the never ending series of Malware  downloaders is an email with the subject of  Your Virgin Media bill is ready pretending to come from Virgin Media <webteam@virginmediaconnections.com> which delivers Dridex banking trojan They use email addresses and subjects that will entice, scare or persuade the recipient to read the email Continue reading → Continue reading Fake Your Virgin Media bill is ready malspam delivers Dridex banking Trojan

fake OnePosting Invoice Ready to View malspam delivers Dridex banking Trojan

The next in the never ending series of malware downloaders is an email with the subject of  OnePosting Invoice Ready to View pretending to come from SPECTUR LIMITED <members@onenewpost.com>. This eventually delivers Dridex banking Trojan. They use email addresses and subjects that will entice a user to read the email and open the Continue reading → Continue reading fake OnePosting Invoice Ready to View malspam delivers Dridex banking Trojan

Fake “Your latest BT OneBill is available now” malspam leads to Dridex banking trojan

An email with the subject of Your latest BT OneBill is available now  pretending to come from BT  but actually coming from a different domain ebilling4business@btdnet.com   that can just about be mistaken for  a genuine BT email address is today’s latest spoof of a well-known company, bank or public authority delivering Dridex banking Trojan Continue reading → Continue reading Fake “Your latest BT OneBill is available now” malspam leads to Dridex banking trojan

Fake “Your latest BT OneBill is available now” malspam leads to Dridex banking trojan

An email with the subject of Your latest BT OneBill is available now  pretending to come from BT  but actually coming from a different domain ebilling4business@btdnet.com   that can just about be mistaken for  a genuine BT email address is today’s latest spoof of a well-known company, bank or public authority delivering Dridex banking Trojan Continue reading → Continue reading Fake “Your latest BT OneBill is available now” malspam leads to Dridex banking trojan

fake Xero accounting software invoice delivers Dridex banking Trojan

Continuing with the never ending series of malware downloaders is an email with the subject of Your Xero Invoice INV-0855485  coming from subscription.notifications@xeronet.org which uses compromised sharepoint aka onedrive for business accounts to deliver Dridex banking Trojan Note: this was forwarded to me by a contact this morning who received it yesterday. Continue reading → Continue reading fake Xero accounting software invoice delivers Dridex banking Trojan

Spoofed Vodafone Online Bill Manager – Your Phone Bill is ready to view delivers banking Trojan

Another big malspam campaign pretending to be a Vodafone bill. These started earlier this morning with links in the email to a compromised or fraudulently set up SharePoint business site that soon stopped delivering the malware payloads. They then quickly switched to a  whole host of other compromised sites to Continue reading → Continue reading Spoofed Vodafone Online Bill Manager – Your Phone Bill is ready to view delivers banking Trojan

Spoofed UK Fuels Collection malspam delivers malware, possibly Trickbot

An email with the subject of UK Fuels Collection  pretending to come from invoices@ebillinvoice.com  with a malicious word doc  attachment  delivers some sort of malware. I am not sure what these are. They might be Jaff ransomware or might be Dridex banking Trojan or Trickbot banking Trojan. The last time I saw Continue reading → Continue reading Spoofed UK Fuels Collection malspam delivers malware, possibly Trickbot