FedEx Problems with item delivery, n.00196222 Shawn Maddox – JS malware leads to ransomware

Last revised or updated on: 18th March, 2016, 6:56 AM

An email with the subject of FedEx_00196222.zip pretending to come from mogotoys@server.robo-apps.com; on behalf of; FedEx 2Day <shawn.maddox@mogotoys.com> with a zip attachment is another one from the current bot runs which downloads ransomware. They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium-sized businesses, with the hope of getting a better response than they do from consumers.

The email looks like:

From: mogotoys@server.robo-apps.com; on behalf of; FedEx 2Day <shawn.maddox@mogotoys.com>
Date: Fri 18/03/2016 02:49
Subject: Problems with item delivery, n.00196222
Attachment: FedEx_00196222.zip
Body content: Dear Customer, Your parcel has arrived at March 15. Courier was …

Interparcel Documents – word doc macro malware leads to Dridex

Last revised or updated on: 17th March, 2016, 9:10 AM

An email with the subject of Interparcel Documents pretending to come from Interparcel <bounce@interparcel.com> with a malicious Word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers, especially banking Trojans like Dridex or Dyreza and ransomware like Locky, CryptoLocker or TeslaCrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium-sized businesses, with the hope of getting a better response than they do from consumers.

The email looks like:

From: Interparcel <bounce@interparcel.com>
Date: none
Subject: Interparcel Documents
Attachment: Shipping Labels (642079569307).doc
Body …