Fake broadviewnet.net voice message malspam delivers Locky Ransomware

This Morning’s first in  the never ending series of Locky ransomware downloaders has started early in UK, this Monday Morning. They are sticking with  Voice Message theme again today. It is an email with the subject of  Message from 02031136950 ( random phone number)  pretending to come from server@random number.um.broadviewnet.net . They all Continue reading → Continue reading Fake broadviewnet.net voice message malspam delivers Locky Ransomware

spoofed unlimitedhorizon.co.uk Voice Message Attached from 01258895166 – name unavailable malspam delivers Trickbot banking trojan

Next in today’s Trickbot banking Trojans coming via the Necurs botnet is an email with the subject of   Voice Message Attached from 01258895166 – name unavailable [ random numbered]  pretending to come from  vm@unlimitedhorizon.co.uk  with a zip attachment  which downloads They use email addresses and subjects that will entice a user to Continue reading → Continue reading spoofed unlimitedhorizon.co.uk Voice Message Attached from 01258895166 – name unavailable malspam delivers Trickbot banking trojan

SureVoip malspam pretending to come from voicemailandfax@ random domains delivers Locky

The next in the never ending series of Locky downloaders is an email with the subject of  Voicemail from [random name] [random number] <[random number]> [random time] pretending to come from voicemailandfax@  random email addresses  with a semi-random named zip attachment  containing a HTA … Continue reading →

Source

Continue reading SureVoip malspam pretending to come from voicemailandfax@ random domains delivers Locky

Voice Message from Outside Caller (3m 54s) Peach Telecom delivers #Locky /#Zepto

An email with the subject of   Voice Message from Outside Caller (3m 54s) [ random length ]  pretending to come from Peach Telecom <peach_necsv06@hotmail.com>  ( random number after  peach_necsv )  with a zip attachment  which downloads Locky / Zepto ransomware They use email … Continue reading →

Source

Continue reading Voice Message from Outside Caller (3m 54s) Peach Telecom delivers #Locky /#Zepto

Vigor2820 Series New voice mail message from random telephone number on 2016/08/23 21:01:59 delivers Locky /Zepto ransomware

Today’s Locky/ Zepto ransomware malspam emails have come steadily in waves all day long. There have been 2 distinct different subjects and themes. one pretending to be a voice message from your own email domain or company, with the second pretending … Continue reading →

Source

Continue reading Vigor2820 Series New voice mail message from random telephone number on 2016/08/23 21:01:59 delivers Locky /Zepto ransomware

SPAM MALWARE: You got a voice message! WhatsApp delivers #Locky

An email with the subject of  You got a voice message! pretending to come from  WhatsApp <Cleo477@gmx.de>  with a zip attachment is another one from the current bot runs which downloads Locky Ransomware They use email addresses and subjects that will entice a … Continue reading →

Source

Continue reading SPAM MALWARE: You got a voice message! WhatsApp delivers #Locky

WhatsApp You just missed a voice notice! – malware

An email with the subject of You just missed a voice notice!   pretending to come from with WhatsApp  a zip attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking credential stealers, which may … Continue reading → Continue reading WhatsApp You just missed a voice notice! – malware

Soho66 New Voicemail Message From 07792084437 – JS malware

An email with the subject of  New Voicemail Message From 07792084437 [ random numbers]  pretending to come from Soho66 <noreply@soho66.co.uk> with a zip attachment is another one from the current bot runs which downloads some sort of malware that analysis is inconclusive. … Continue reading → Continue reading Soho66 New Voicemail Message From 07792084437 – JS malware

Voice Message Attached from +44163311902 – name unavailable inclarity voicemail – JS malware leads to Dridex

Last revised or Updated on: 9th March, 2016, 10:33 AMAn email with the subject of  Voice Message Attached from +44163311902 – name unavailable [ random numbered]  pretending to come from voicemail <voicemail@inclarity.net>   with a zip attachment is another one from the current bot runs which downloads Dridex banking malware They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The telephone number in the subject line changes with each email but  all start with +44163  and matches the first part of the attachment name The email looks … Continue reading → Continue reading Voice Message Attached from +44163311902 – name unavailable inclarity voicemail – JS malware leads to Dridex