macro virus – Page 31 – WindowsTechs.com

Bank of America Invoice Attached – word doc malware

Posted on February 22, 2016 by Derek

Last revised or Updated on: 22nd February, 2016, 4:59 PMAn email Appearing to be a Bank of America Invoice or statement with the subject of Invoice Attached coming from admin@mastershell.ru with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: … Continue reading → Continue reading Bank of America Invoice Attached – word doc malware→

Rechnung Nr. 88971 vom 15.02.2016 pretending to come from your own email domain – word doc malware

Posted on February 22, 2016 by Derek

Last revised or Updated on: 22nd February, 2016, 1:49 PMI have only seen 1 copy of this malware so far today which is an email written in German language pretending to be from an ADVANCED COURIER with the subject of Rechnung Nr. 88971 vom 15.02.2016 pretending to come from Volker Maier <MaierVolker8742@malware-research.co.uk> ( I think it is probably a random name at your own email domain) with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very … Continue reading → Continue reading Rechnung Nr. 88971 vom 15.02.2016 pretending to come from your own email domain – word doc malware→

Invoice FEB-51829253 – word doc or excel xls spreadsheet malware

Posted on February 19, 2016 by Derek

Last revised or Updated on: 19th February, 2016, 1:51 PMAn email with the subject of Invoice FEB-51829253 ( random numbers) pretending to come from random names and email addresses with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The name of the alleged sender matches the name of the Accounting … Continue reading → Continue reading Invoice FEB-51829253 – word doc or excel xls spreadsheet malware→

MTC Hof – MTC GmbH Per E-Mail senden: Rechnung-54-110090.xls – excel xls spreadsheet malware

Posted on February 18, 2016 by Derek

Last revised or Updated on: 18th February, 2016, 11:56 AMA German language email with the subject of Per E-Mail senden: Rechnung-54-110090.xls ( random numbers) pretending to come from MTC Hof – MTC GmbH <mtc-hof@mtc-handy.de> with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The … Continue reading → Continue reading MTC Hof – MTC GmbH Per E-Mail senden: Rechnung-54-110090.xls – excel xls spreadsheet malware→

tracking documents cmsharpscan – word doc malware -Locky Ransomware

Posted on February 17, 2016 by Derek

Last revised or Updated on: 17th February, 2016, 2:01 PMAn email with the subject of tracking documents pretending to come from cmsharpscan3175@gmail.com <cmsharpscan6395@gmail.com> with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: cmsharpscan3175@gmail.com <cmsharpscan6395@gmail.com> Date: Wed 17/02/2016 12:39 Subject: tracking … Continue reading → Continue reading tracking documents cmsharpscan – word doc malware -Locky Ransomware→

random invoices – word doc or excel xls spreadsheet malware

Posted on February 17, 2016 by Derek

Last revised or Updated on: 17th February, 2016, 8:59 AMWe have 2 concurrent runs of malspam this morning both with similar email subjects about invoices pretending to come from random companies with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The 1st email looks … Continue reading → Continue reading random invoices – word doc or excel xls spreadsheet malware→

receipt Accounts – word doc or excel xls spreadsheet malware

Posted on February 16, 2016 by Derek

Last revised or Updated on: 16th February, 2016, 9:53 AMAn email with the subject of receipt pretending to come from Accounts <accounts@aacarpetsandfurniture.co.uk> with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: Accounts <accounts@aacarpetsandfurniture.co.uk> Date: Tue 16/02/2016 08:22 Subject: receipt Attachment: CCE06102015_00000.docm … Continue reading → Continue reading receipt Accounts – word doc or excel xls spreadsheet malware→

Remittance Advice : Tue, 16 Feb 2016 16:55:29 +0800 fmis@oldham.gov.uk – word doc malware

Posted on February 16, 2016 by Derek

Last revised or Updated on: 16th February, 2016, 9:12 AMAn email with the subject of Remittance Advice : Tue, 16 Feb 2016 16:55:29 +0800 pretending to come from fmis@oldham.gov.uk with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The time in the subject is random The … Continue reading → Continue reading Remittance Advice : Tue, 16 Feb 2016 16:55:29 +0800 fmis@oldham.gov.uk – word doc malware→

Invoice (w/e 070216) Kelly Pegg – word doc malware

Posted on February 15, 2016 by Derek

Last revised or Updated on: 15th February, 2016, 12:07 PMAn email with the subject of Invoice (w/e 070216) pretending to come from Kelly Pegg <kpegg@responserecruitment.co.uk> with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: Kelly Pegg <kpegg@responserecruitment.co.uk> Date: SKM_C3350160212101601.docm Subject: Invoice … Continue reading → Continue reading Invoice (w/e 070216) Kelly Pegg – word doc malware→

DVSA RECEIPT – word doc malware

Posted on February 12, 2016 by Derek

Last revised or Updated on: 12th February, 2016, 11:38 AMAn email pretending to be a fixed penalty ticket with the subject of DVSA RECEIPT pretending to come from Nicholas.Davies.43@vosa.gsi.gov.uk; on behalf of; FPO.CC.44@vosa.gsi.gov.uk with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: Nicholas.Davies.43@vosa.gsi.gov.uk; on behalf … Continue reading → Continue reading DVSA RECEIPT – word doc malware→