Collaborate Disseminate
Another pretty lame email from the Trickbot gang again today. Some days I really don’t understand this gang of criminals. They go to the bother of registering various look a like domains to send the emails from, so they might stand a better chanc… Continue reading Trickbot delivered via Fake HSBC Payment Advice using activeX controls in word macros
This example is an email containing the subject of “Urgent Action is required. – Companies House eReminder Service ” pretending to come from ereminders@companieshouse.gov.uk but actually coming from “DoNotReply@gov-delivery.uk&… Continue reading fake Companies House eReminder Service delivers Trickbot
Yet another fake or spoofed DHL delivery notification delivering what today turns out to be Lokibot . An email with the subject of “Arrival Notice For BL – 08/23/2018 / Vessel – DHL Express” coming from DHL Express Internationa… Continue reading Yet another Fake DHL delivery note delivers Lokibot
This generic email with the subject of “Invoice Due” coming from help@simplexhealthcare.info with a malicious password protected word doc attachment does eventually deliver some sort of malware. Recently password protected word docs have… Continue reading False Invoice Due email with password protected attachment delivers malware
Today’s Trickbot campaign is a pretty lame example from this prolific malware gang. The email containing the subject of “Submission 5DW8 F36N MG2A 9HJ not processed ” pretending to come from noreply.taxreg@notifications.hmrc.gov.uk b… Continue reading Fake HMRC “Submission 5DW8 F36N MG2A 9HJ not processed ” delivers trickbot
This example is an email containing the subject of ” You have received a Secure Doc message from Citi Secure Email Server ” pretending to come from Citi Group but actually coming from “noreply@securemailcenter-citigroup.com” whi… Continue reading Fake “You have received a Secure Doc message from Citi Secure Email Server” delivers Trickbot
Yet another change to the Trickbot Banking Trojan distribution system again today. Today the Trickbot gang are pretending that a scanner or multifunction device is emailing you a scanned document. We used to see this lure all the time from other malw… Continue reading Fake “Scanned from a Xerox Multifunction Printer ” delivers Trickbot
This example is an email containing the subject of “Critical Notice: Statement of Liabilities” pretending to come from HMRC but actually coming from “service@hmrcemail.co.uk” which is a look-a-like, typo-squatted or other domai… Continue reading Fake HMRC “Critical Notice: Statement of Liabilities” delivers Trickbot
An email with the subject of “This is an electronic efax Notification” pretending to come from efax but coming from efax@ramatmed.com with a link to download a malicious word doc that delivers Hancitor They are using email addresse… Continue reading Hancitor delivered via fake This is an electronic efax Notification
Following on from last week with an almost identical DHL malware campaign, today I am seeing yet another email pretending to be a DHL Shipment Notification with the subject of Arrival Notice For BL – 06/08/2018 / Vessel – DHL ATLAN… Continue reading Fake DHL Arrival Notice or Shipment Notice delivers malware via embedded exe files inside MP3 music files