Collaborate Disseminate
Another email pretending to come from your own email domain with the subject of Scanned image pretending to come from admin <southlandsxxxx@victimdomain.tld> with a zip (rar) attachment is another one from the current bot runs which downloads Locky Ransomware They use email … Continue reading →
Continue reading Scanned image pretending to come from your own email domain delivers Locky
An email with the subject of Scan #D34D94C50B_D8B8AAD5BA [ random characters ] pretending to come from HP Scanjet ( random email addresses starting with qwer at your own email domain ) with a zip attachment is another one from the current bot runs which downloads … Continue reading →
An email with the subject of You got a voice message! pretending to come from WhatsApp <Cleo477@gmx.de> with a zip attachment is another one from the current bot runs which downloads Locky Ransomware They use email addresses and subjects that will entice a … Continue reading →
Continue reading SPAM MALWARE: You got a voice message! WhatsApp delivers #Locky
An email with the subject of Thank you! pretending to come from random senders and email addresses with a zip attachment is another one from the current bot runs which downloads some unknown malware They use email addresses and subjects that will entice … Continue reading →
Continue reading SPAM MALWARE: Thank you! from random companies
An email with the subject of shipment address confirmation (re-send) pretending to come from info <info@dhl-services.com> with a zip attachment that extracts to a malicious word doc is another one from the current bot runs which try to download various Trojans and password stealers … Continue reading →
Continue reading SPAM MALWARE: shipment address confirmation (re-send)
An email with the subject of Invoice No. 424329473 from 18/05/2016 pretending to come from parcelforce.com <noreply@parcelforce.com> with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans … Continue reading →
Continue reading SPAM MALWARE: Invoice No. 424329473 from 18/05/2016
An email with the subject of Remittance Advice pretending to come from Random senders and email addresses with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like … Continue reading →
Continue reading SPAM MALWARE: Remittance Advice word doc with embedded OLE object
An email with the subject of Invoice 1723-812595 [ random numbered] pretending to come from random senders and email addresses with a zip attachment is another one from the current bot runs which contains what looks like the embedded Dridex binary inside the … Continue reading →
Continue reading SPAM MALWARE: Invoice 1723-812595 drops Dridex
Another email with the subject of Emailing: DOC 05-18-2016, 04 49 68 [ random numbered] pretending to come from your own email address with a zip attachment is another one from the current bot runs which downloads what is probably Dridex banking … Continue reading →
An email with the subject of BILL pretending to come from Store-Nellimarla Jute Mills Co Ltd.
Continue reading SPAM MALWARE: BILL Store-Nellimarla Jute Mills Co Ltd