Order – Page 8 – WindowsTechs.com

Your Order has been despatched from Harrison – excel xls spreadsheet malware

Posted on February 26, 2016 by Derek

Last revised or Updated on: 26th February, 2016, 2:45 PMAn email with the subject of Your Order has been despatched from Harrison pretending to come from warehouse | Harrison <warehouse@harrisonproducts.net> with a malicious Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: warehouse | Harrison <warehouse@harrisonproducts.net> … Continue reading → Continue reading Your Order has been despatched from Harrison – excel xls spreadsheet malware→

Order Conf. 3360069 designersguild.com – word doc malware

Posted on February 24, 2016 by Derek

Last revised or Updated on: 24th February, 2016, 11:18 AMIt looks like the Dridex gangs are back into the full swing of things today, after the last 2 days Public Holidays in Russia with an email with the subject of Order Conf. 3360069 pretending to come from Abigail Jones <ajones@designersguild.com> with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope … Continue reading → Continue reading Order Conf. 3360069 designersguild.com – word doc malware→

Ikea Thank you for your order! – word doc malware

Posted on February 24, 2016 by Derek

Last revised or Updated on: 24th February, 2016, 11:03 AMAn email that appears to be an Ikea order with the subject of Thank you for your order! pretending to come from DoNotReply@ikea.com with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. Many of these … Continue reading → Continue reading Ikea Thank you for your order! – word doc malware→

Rechnung Nr. 88971 vom 15.02.2016 pretending to come from your own email domain – word doc malware

Posted on February 22, 2016 by Derek

Last revised or Updated on: 22nd February, 2016, 1:49 PMI have only seen 1 copy of this malware so far today which is an email written in German language pretending to be from an ADVANCED COURIER with the subject of Rechnung Nr. 88971 vom 15.02.2016 pretending to come from Volker Maier <MaierVolker8742@malware-research.co.uk> ( I think it is probably a random name at your own email domain) with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very … Continue reading → Continue reading Rechnung Nr. 88971 vom 15.02.2016 pretending to come from your own email domain – word doc malware→

Rechnung Nr. 2016_131 lfw-ludwigslust.de – JS malware

Posted on February 19, 2016 by Derek

Last revised or Updated on: 19th February, 2016, 10:20 AMAn email with the subject of Rechnung Nr. 2016_131 pretending to come from fueldnerB9@lfw-ludwigslust.de with a zip attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking credential stealers, which may include cridex, dridex, dyreza and various Zbots, cryptolocker, ransomware and loads of other malware on your computer. They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: fueldnerB9@lfw-ludwigslust.de Date: Fri 19/02/2016 10:04 Subject: Rechnung Nr. 2016_131 … Continue reading → Continue reading Rechnung Nr. 2016_131 lfw-ludwigslust.de – JS malware→

Our new Order – fake PDF malware

Posted on February 19, 2016 by Derek

Last revised or Updated on: 19th February, 2016, 9:47 AMAn email with the subject of Our new Order pretending to come from Benalin CO LTD <jkt-genmbox@benline.co.id> with an executable file that is named to look like a PDF file attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking credential stealers, which may include cridex, dridex, dyreza and various Zbots, cryptolocker, ransomware and loads of other malware on your computer. They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. Note the … Continue reading → Continue reading Our new Order – fake PDF malware→