macro virus – Page 28 – WindowsTechs.com

Remittance Adivce – word doc macro malware leads to #Dridex

Posted on March 17, 2016 by Derek

Last revised or Updated on: 17th March, 2016, 9:32 AMAn email with the subject of Remittance Adivce pretending to come from random names and email addresses with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The name of the alleged sender matches the name … Continue reading → Continue reading Remittance Adivce – word doc macro malware leads to #Dridex→

Interparcel Documents – word doc macro malware leads to Dridex

Posted on March 17, 2016 by Derek

Last revised or Updated on: 17th March, 2016, 9:10 AMAn email with the subject of Interparcel Documents pretending to come from Interparcel <bounce@interparcel.com> with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: Interparcel <bounce@interparcel.com> Date: none Subject: Interparcel Documents Attachment: Shipping Labels (642079569307).doc Body … Continue reading → Continue reading Interparcel Documents – word doc macro malware leads to Dridex→

RE: MINERAL & FINANCIAL INVESTMENTS LTD – Order Number 89785/682352/15 status updated to order processing – word doc macro malware

Posted on March 16, 2016 by Derek

Last revised or Updated on: 16th March, 2016, 2:28 PMAn email with the subject of RE: MINERAL & FINANCIAL INVESTMENTS LTD – Order Number 89785/682352/15 status updated to order processing pretending to come from random names and email addresses with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. … Continue reading → Continue reading RE: MINERAL & FINANCIAL INVESTMENTS LTD – Order Number 89785/682352/15 status updated to order processing – word doc macro malware→

Unpaid Invoice – word doc macro malware

Posted on March 16, 2016 by Derek

Last revised or Updated on: 16th March, 2016, 11:52 AMAn email with the subject of Unpaid Invoice pretending to come from Dave.Maule@tiscali.co.uk ( probably random ) with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: Dave.Maule@tiscali.co.uk Date: Wed 16/03/2016 11:08 Subject: Unpaid Invoice Attachment: … Continue reading → Continue reading Unpaid Invoice – word doc macro malware→

Your order summary from 365 Electrical Order number: 93602 – word doc macro malware – delivers Dridex

Posted on March 16, 2016 by Derek

Last revised or Updated on: 16th March, 2016, 11:03 AMAn email saying Thank you for shopping with 365 Electrical with the subject of Your order summary from 365 Electrical. Order number: 93602 ( random numbers) coming from random names and email addresses with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than … Continue reading → Continue reading Your order summary from 365 Electrical Order number: 93602 – word doc macro malware – delivers Dridex→

random invoice or bill – word doc macro leads to unknown malware

Posted on March 10, 2016 by Derek

Last revised or Updated on: 10th March, 2016, 9:46 AMAn email with random invoice or bill subjects coming from random names and emails addresses with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. A high proportion of these are not getting caught by the spam or content filters because they pass … Continue reading → Continue reading random invoice or bill – word doc macro leads to unknown malware→

DOC-Z21193008 Idris Mohammed – word doc malware leads to Dridex

Posted on March 9, 2016 by Derek

Last revised or Updated on: 9th March, 2016, 10:21 AMAn email with the subject of DOC-Z21193008 pretending to come from Idris Mohammed <idrismohammed29@gmail.com> ( random numbers after idrismohammed ) with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: Idris Mohammed <idrismohammed29@gmail.com> Date: Wed … Continue reading → Continue reading DOC-Z21193008 Idris Mohammed – word doc malware leads to Dridex→

Order 1307605 (Acknowledgement) rick.adrio@booles.co.uk – word doc macro malware leads to Dridex

Posted on March 8, 2016 by Derek

Last revised or Updated on: 8th March, 2016, 9:56 AMAn email with the subject of Order 1307605 (Acknowledgement) pretending to come from rick.adrio@booles.co.uk with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: rick.adrio@booles.co.uk Date: Tue 08/03/2016 09:31 Subject: Order 1307605 … Continue reading → Continue reading Order 1307605 (Acknowledgement) rick.adrio@booles.co.uk – word doc macro malware leads to Dridex→

Remittance – RTF word doc macro malware

Posted on March 4, 2016 by Derek

Last revised or Updated on: 4th March, 2016, 11:44 AMAn email with the subject of Remittance coming from random email addresses, companies and names with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The name of the alleged sender, in this case Bridgette matches … Continue reading → Continue reading Remittance – RTF word doc macro malware→

INVOICE 0201510 mark price – excel xls spreadsheet macro malware leads to Dridex

Posted on March 4, 2016 by Derek

Last revised or Updated on: 4th March, 2016, 10:19 AMAn email with the subject of INVOICE 0201510 pretending to come from mark price <markprice_86@hotmail.com> ( random numbers after markprice0with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. This set of emails has come in … Continue reading → Continue reading INVOICE 0201510 mark price – excel xls spreadsheet macro malware leads to Dridex→