SPAM MALWARE: Remittance Advice word doc with embedded OLE object

An email with the subject of  Remittance Advice pretending to come from Random senders and email addresses with a malicious word doc attachment  is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like … Continue reading →

Source

Continue reading SPAM MALWARE: Remittance Advice word doc with embedded OLE object

Remittance Details (USD 7956.88) – your web address – word doc rtf macro malware delivers Dridex

An email with the subject of  Remittance Details (USD 7956.88) – your web address  pretending to come from  random senders  with a malicious word doc or Excel XLS spreadsheet attachment  is another one from the current bot runs which try to … Continue reading → Continue reading Remittance Details (USD 7956.88) – your web address – word doc rtf macro malware delivers Dridex

Multiple email subjects delivering Locky ransomware

Last revised or Updated on: 30th March, 2016, 2:31 PMwe are seeing a whole series of different email subjects and body contents  coming from random senders downloading Locky ransomware from multiple places today They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. Most of these are using such generic subjects that somebody must be expecting an email about that sort of thing so are likely to open it without really thinking. Some of the subjects include FW:Expenses Report # 109681 – 03/2016 payment confirmation Additional … Continue reading → Continue reading Multiple email subjects delivering Locky ransomware

Remittance Adivce – word doc macro malware leads to #Dridex

Last revised or Updated on: 17th March, 2016, 9:32 AMAn email with the subject of Remittance Adivce  pretending to come from random names and email addresses  with a malicious word doc or Excel XLS spreadsheet attachment  is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The name of the alleged sender matches the name … Continue reading → Continue reading Remittance Adivce – word doc macro malware leads to #Dridex

Remittance – RTF word doc macro malware

Last revised or Updated on: 4th March, 2016, 11:44 AMAn email with the subject of Remittance coming from random email addresses, companies and names   with a malicious word doc or Excel XLS spreadsheet attachment  is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The name of the alleged sender, in this case Bridgette matches … Continue reading → Continue reading Remittance – RTF word doc macro malware

remittance advice for the payment made on the 19th Feb 2015 from Hillsong Church London. – JS malware leading to ransomware

Last revised or Updated on: 2nd March, 2016, 12:56 PMAn email pretending to be a remittance advice for the payment made on the 19th Feb 2015 from Hillsong Church London with a random subject of  MEARS GROUP March Invoice #17577 [ random numbered]  and random company names  pretending to come from Random senders with a zip attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking credential stealers, which may include cridex, dridex, dyreza and various  Zbots, cryptolocker, ransomware and loads of other malware on your computer. They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium … Continue reading → Continue reading remittance advice for the payment made on the 19th Feb 2015 from Hillsong Church London. – JS malware leading to ransomware

BACS Remittance Advice (25/02/16) Threadneedle Property Investments Ltd – word doc malware

Last revised or Updated on: 25th February, 2016, 4:11 PMAn email with the subject of  BACS Remittance Advice (25/02/16) pretending to come from  random names and email addresses with a malicious word doc attachment  is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The name of the alleged sender matches the name of … Continue reading → Continue reading BACS Remittance Advice (25/02/16) Threadneedle Property Investments Ltd – word doc malware

more random invoice from word doc leading to Dridex or Locky ransomware

Last revised or Updated on: 24th February, 2016, 5:43 PMWe are suddenly flooded again this afternoon with emails about invoices and remittance advices  pretending to come from random companies and random email addresses with a malicious word doc  attachment  is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. There are 3 distinct email templates spreading.All mention … Continue reading → Continue reading more random invoice from word doc leading to Dridex or Locky ransomware

Remittance Advice : Tue, 16 Feb 2016 16:55:29 +0800 fmis@oldham.gov.uk – word doc malware

Last revised or Updated on: 16th February, 2016, 9:12 AMAn email with the subject of Remittance Advice : Tue, 16 Feb 2016 16:55:29 +0800 pretending to come from fmis@oldham.gov.uk with a malicious word doc or Excel XLS spreadsheet attachment  is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The time in the subject is random The … Continue reading → Continue reading Remittance Advice : Tue, 16 Feb 2016 16:55:29 +0800 fmis@oldham.gov.uk – word doc malware