CVE-2017-0199 – 0-day malware delivered by a multitude of different emails.

Today has been a mixture so far of different subjects and alleged senders. All the Word attachments, although named differently, are identical and all are trying to exploit the 0-day OLE link exploit CVE-2017-0199 that was fixed in yesterday’s Windows / Office updates from Microsoft. (I am late …

Scanned image from MX-2600N pretending to come from noreply@ your own email address delivers malware

Today is back to one of our old favourite email lures, which I haven’t seen for about 18 months. I have no idea why they didn’t change the date on the email template. That is a total red flag to get caught by spam filters. An email with the subject …

Please find attached invoice no: 9233713731 malspam delivers Locky

The next in the never-ending series of Locky downloaders is an email with the subject of Please find attached invoice no: 9233713731 (random numbers) pretending to come from document at your own email domain with a random named …


malspam email invoice pretending to come from info@your own domain delivers Locky

The next in the never-ending series of Locky downloaders is an email with the subject of Invoice No. 84445092 for BROOKE (random numbers and random names) pretending to come from info@ your own email domain with a semi-random named …


Document No 25845584 pretending to come from random names at accounts@ your own email domain delivers Locky

The next in the never-ending series of Locky downloaders is an email with the subject of Document No 25845584 (random numbers) pretending to come from random names at accounts@ your own email domain or company with a random …


Accounts Documentation – Invoices malspam pretending to come from CreditControl @ your own email domain delivers Locky

The next in this morning’s never-ending series of Locky downloaders is an email with the subject of Accounts Documentation – Invoices pretending to come from CreditControl@ your own email domain with a random named zip attachment containing a .HTA file …


Scanned image from MX2310U@[your email domain] leads to Locky

An email with the subject of Scanned image from MX2310U@[your email domain] pretending to come from office@ your email domain with a malicious Word doc attachment is another one delivering Locky ransomware. They are using email addresses and subjects that will …


blank email pretending to come from your own email address delivers Locky / Zepto

The latest of today’s Locky / Zepto malspams is a blank empty email pretending to come from random names at your own email domain with the subject similar to document, File, Picture, Photo, Image etc. with a zip attachment containing a WSF file …


Please find attached invoice no: 9087773449 pretending to come from your own email domain delivers #Locky #Zepto ransomware

The next in the series of Locky / Zepto ransomware malspams this fine August Bank Holiday morning is an email with the subject of Please find attached invoice no: 9087773449 [random numbered] pretending to come from document@ your own email domain with a zip …


Emailing: Image15.jpg malspam using HTA files delivers Locky ransomware

A blank email with the subject of Emailing: Image15.jpg [random numbered] pretending to come from random senders at your own email domain or company with a zip attachment containing an encrypted HTA file. They use email addresses and subjects that will entice a user …
