EXE-in-ZIP – Page 6 – WindowsTechs.com

fake Japan Post Express Mail Service (EMS) malspam delivers Ursnif /Gozi /Papras banking trojan

Posted on April 18, 2017 by Myonlinesecurity

Continuing with the regular series of Japanese language malspam emails is today’s overnight onslaught with the subject of Express Mail Service (EMS) pretending to come from japanexpress@post.japanpost.jp. I am also getting a lot of emails with a malformed subject line ?iso-2022-jp?B?RU1TGyRCR1tDIz51NjckTjNORycbKEIgLSAbJEJNOUpYNkkbKEIgLSAbJEJGfEtcTTlALxsoQg==?= or ?iso-2022-jp?B?GyRCTT05cEw1JDckTk8iTW1AaEpROTkkZCUiJUklbCU5SlE5ORsoQiA=?= which I assume is an encoding error and it is … Continue reading → Continue reading fake Japan Post Express Mail Service (EMS) malspam delivers Ursnif /Gozi /Papras banking trojan→

fake Japan Post Express Mail Service (EMS) malspam delivers Ursnif /Gozi /Papras banking trojan

Posted on April 18, 2017 by Myonlinesecurity

more Japanese language “photos” malspam delivers malware

Posted on April 10, 2017 by Myonlinesecurity

Looks like we are back to Japanese malspam today with an email with the subject of 写真 ( photo) coming or pretending to come from random companies, names and email addresses with a semi-random named zip attachment which delivers malware which looks like Ursnif banking Trojan I don’t suppose many UK … Continue reading → Continue reading more Japanese language “photos” malspam delivers malware→

USPS Delivery Confirmation malspam email tries to deliver malware but fails

Posted on November 3, 2016 by Myonlinesecurity

The next in the never ending series of malware downloaders is an email with the subject of USPS Delivery Confirmation pretending to come from USPS Delivery Department <ecnpbsog@sling-ease.com> that attempts to download malware but currently fails. They use email addresses and subjects … Continue reading →

Source

Continue reading USPS Delivery Confirmation malspam email tries to deliver malware but fails→

USPS Delivery Confirmation malspam email tries to deliver malware but fails

Posted on November 3, 2016 by Myonlinesecurity

Source

Continue reading USPS Delivery Confirmation malspam email tries to deliver malware but fails→

NEW ORDER PO# 0422109M malspam delivers malware

Posted on November 2, 2016 by Myonlinesecurity

An email with the subject of NEW ORDER PO# 0422109M pretending to come from PT. Merindo Makm <kskim@skyfreight.co.kr> with a link to download a zip attachment which is some sort of Trojan. There is an image of an order for … Continue reading →

Source

Continue reading NEW ORDER PO# 0422109M malspam delivers malware→

malspam email BANK SLIP delivers unknown malware

Posted on October 31, 2016 by Myonlinesecurity

The next in the never ending series of malware delivery emails is an email with the subject of BANK SLIP coming as usual from what looks like random companies, names and email addresses with a zip attachment that contains some … Continue reading →

Source

Continue reading malspam email BANK SLIP delivers unknown malware→

ACH Payment Notification malspam delivers trickbot / dyre banking Trojan

Posted on October 20, 2016 by Myonlinesecurity

The next in the never ending series of malware downloaders is an email with the subject of ACH Payment Notification pretending to come from ap_vendor_pay2@bankofamerica.com with a with a random named / numbered zip attachment containing a .scr file. The icon … Continue reading →

Source

Continue reading ACH Payment Notification malspam delivers trickbot / dyre banking Trojan→

Credit Note CN-81553 from Nordstrom Inc (7907) malspam delivers trickbot / dyre banking Trojan

Posted on October 20, 2016 by Myonlinesecurity

The next in the never ending series of malware downloaders is an email with the subject of Credit Note CN-81553 from Nordstrom Inc (7907) pretending to come from Accounts <message-service@post.xero.com> with a random named / numbered zip attachment containing a .scr … Continue reading →

Source

Continue reading Credit Note CN-81553 from Nordstrom Inc (7907) malspam delivers trickbot / dyre banking Trojan→

Unclaimed Commission Report-WUBS malspam delivers Java Adwind

Posted on August 19, 2016 by Myonlinesecurity

We continue to see Java Adwind Trojans daily. Today’s example is a slight change to the delivery method from previous Malspam emails that have been using Moneyexpress.com or MoneyGram or other middle eastern money exchange bodies. This one is an email with … Continue reading →

Source

Continue reading Unclaimed Commission Report-WUBS malspam delivers Java Adwind→