Emotet banking Trojan delivered by fake invoice reminder emails appearing to come from a known contact

A very simple email but potentially very dangerous and very likely to be opened, read and acted upon by the recipient. This was sent to a small charity that I administer the website and email service for. I managed to intercept the email, just in time. The alleged sender is Continue reading → Continue reading Emotet banking Trojan delivered by fake invoice reminder emails appearing to come from a known contact

Pagamento malspam delivers malware

An Italian language email with the subject of Pagamento  pretending to come from rita.fossen@zwjnv.191.it  with a malicious Excel XLS spreadsheet attachment  delivers some sort of malware, most probably a Zeus Panda / Zbot variant They are using email addresses and subjects that will scare or entice a user to read the email and Continue reading → Continue reading Pagamento malspam delivers malware

Spoofed DNB bank ( Norway) Viktig – Sikre documenter delivers Trickbot banking Trojan

An email with the subject of Viktig – Sikre documenter pretending to come from DNB (A Norweigian bank ) but actually coming from a look-a-like domain DNB <secure@dnbdocs.com>  or  DNB <secure@dnbdoc.com> with a malicious word doc attachment  is today’s latest spoof of a well-known company, bank or public authority delivering Trickbot Continue reading → Continue reading Spoofed DNB bank ( Norway) Viktig – Sikre documenter delivers Trickbot banking Trojan

Trickbot delivered via fake eFax messages

An email with the subject of eFax pretending to come from EFax but actually coming from a whole range of look-a-like domains and for some strange reason today they are also coming from spoofed servicepaypal and NatWest domains with a malicious word doc attachment is today’s latest spoof of a well-known Continue reading → Continue reading Trickbot delivered via fake eFax messages

Another fake New Secure Message Royal Bank of Scotland delivers Trickbot banking trojan

An email with the subject of New Secure Message Royal Bank of Scotland pretending to come from Royal Bank of Scotland but actually coming from a whole range of look-a-like domains with a malicious word doc attachment is today’s latest spoof of a well-known company, bank or public authority delivering Continue reading → Continue reading Another fake New Secure Message Royal Bank of Scotland delivers Trickbot banking trojan

Trickbot banking Trojan delivered by spoofed Canadian Imperial Bank of Commerce messages

An email with the subject of Canadian Imperial Bank of Commerce  pretending to come from CIBC but actually coming from a  whole range of look-a-like domains and for some strange reason today they are also coming from spoofed eFax and NatWest domains  with a malicious word doc attachment  is today’s latest spoof of Continue reading → Continue reading Trickbot banking Trojan delivered by spoofed Canadian Imperial Bank of Commerce messages

More Fake NatWest Bank messages with a password protected word doc delivers trickbot

An email with the subject of Important : Incoming BACs Documents pretending to come from NatWest Bank but actually coming from a look-a-like domain Natwest <message@natwestbacs.co.uk>   or  Natwest <message@natwestbacs.com> with a password protected malicious word doc attachment  is today’s latest spoof of a well-known company, bank or public authority delivering Trickbot banking Trojan Continue reading → Continue reading More Fake NatWest Bank messages with a password protected word doc delivers trickbot

More Fake NatWest Bank messages with a password protected word doc delivers trickbot

An email with the subject of Important : Incoming BACs Documents pretending to come from NatWest Bank but actually coming from a look-a-like domain Natwest <message@natwestbacs.co.uk>   or  Natwest <message@natwestbacs.com> with a password protected malicious word doc attachment  is today’s latest spoof of a well-known company, bank or public authority delivering Trickbot banking Trojan Continue reading → Continue reading More Fake NatWest Bank messages with a password protected word doc delivers trickbot

New Secure Message Royal Bank of Scotland delivers Trickbot banking Trojan

An email with the subject of New Secure Message Royal Bank of Scotland pretending to come from RBS  but actually coming from a look-a-like domain RBS bankline secure email <noreply@rbsbankline##.ml>   with a malicious word doc attachment  is today’s latest spoof of a well-known company, bank or public authority delivering Trickbot banking Trojan. Continue reading → Continue reading New Secure Message Royal Bank of Scotland delivers Trickbot banking Trojan