macro virus – Page 21 – WindowsTechs.com

Invio fattura/ordine Italian malspam with embedded ole object lnk files delivers some sort of malware

Posted on April 4, 2017 by Myonlinesecurity

Back to Italian Language malspam again today with an email with the subject of Invio fattura/ordine pretending to come from with a zip file containing 2 malicious word docs delivers some sort of malware . They are using email addresses and subjects that will scare or entice a user to read the email and open … Continue reading → Continue reading Invio fattura/ordine Italian malspam with embedded ole object lnk files delivers some sort of malware→

malspam email Companies House – new company complaint delivers Trickbot banking Trojan

Posted on November 2, 2016 by Myonlinesecurity

An email with the subject of Companies House – new company complaint pretending to come from Companies House <noreply@companieshouses.co.uk> with a malicious word doc with macros delivers Trickbot banking Trojan They are using email addresses and subjects that will scare or entice a … Continue reading →

Source

Continue reading malspam email Companies House – new company complaint delivers Trickbot banking Trojan→

malspam email Companies House – new company complaint delivers Trickbot banking Trojan

Posted on November 2, 2016 by Myonlinesecurity

Source

Continue reading malspam email Companies House – new company complaint delivers Trickbot banking Trojan→

malspam email GDS – New Fax Message delivers malware

Posted on November 1, 2016 by Myonlinesecurity

An email with the subject of GDS – New Fax Message pretending to come from GDS Fax <service@gov-fax.co.uk> with a malicious word doc containing macros which downloads what looks like Trickbot banking Trojan from the IP addresses it connects to, … Continue reading →

Source

Continue reading malspam email GDS – New Fax Message delivers malware→

malspam email Payment has been made delivers Trickbot banking Trojan

Posted on October 31, 2016 by Myonlinesecurity

An email with the subject of Payment has been made -9999 ( random number) pretending to come from random names @ random companies with a malicious word doc attachment delivers Trickbot banking Trojan. Trickbot is the successor to Dyre / Dyreza banking Trojan … Continue reading →

Source

Continue reading malspam email Payment has been made delivers Trickbot banking Trojan→

Important – New fax received malspam delivers Trickbot banking trojan

Posted on October 28, 2016 by Myonlinesecurity

A slightly unusual email with the subject of Important – New fax received pretending to come from Administrator <Administrator@internalfax.net> or Administrator <Administrator@internalfax.com> with either a malicious word doc attachment or a zip file containing a .js file which downloads Trickbot … Continue reading →

Source

Continue reading Important – New fax received malspam delivers Trickbot banking trojan→

Dridex delivered via lnk files in embedded ole objects in word docs

Posted on October 28, 2016 by Myonlinesecurity

A contact sent me a few word docs that have been received in what appeared to be quite closely targeted attacks against his infrastructure. I do not have the emails so I cannot comment on the effectiveness of the delivery … Continue reading →

Source

Continue reading Dridex delivered via lnk files in embedded ole objects in word docs→

Document from random name at your own email domain malspam delivers trickbot banking Trojan

Posted on October 28, 2016 by Myonlinesecurity

An email with the subject of Document from random name pretending to come from random name <random.name@victim domain.tld> with a malicious word doc attachment delivers a trickbot banking Trojan ( the successor to Dyre) . This uses a somewhat complicated method of delivery to … Continue reading →

Source

Continue reading Document from random name at your own email domain malspam delivers trickbot banking Trojan→

James Correy Re: Order Details delivers malware via malicious office docs

Posted on October 27, 2016 by Myonlinesecurity

An email with the subject of Re: Order Details pretending to come from James Correy <jamescorrey@gmail.com> with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially … Continue reading →

Source

Continue reading James Correy Re: Order Details delivers malware via malicious office docs→

Final payment request pretending to come from HMRC delivers malware

Posted on October 17, 2016 by Myonlinesecurity

An email with the subject of Final payment request pretending to come from angela.fynan@hmrc.gsi.gov.uk <info@websitesage60.us> with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex … Continue reading →

Source

Continue reading Final payment request pretending to come from HMRC delivers malware→