Inappropriate fees report - infected eMail warning

danger iconFirst of two infected email warnings recieved today.

This one basically asks you to resubmit an invoice for payment, or should that be infoice?

Kindly advise You that fee schedules received yesterday include two defects in amounts.
Please mail corrected infoices according to the enclosed files.
Our company will pay new invoices in four days.
Rebecca Smith

The attached files, if you were to download them would run a file that would at the least infect your computer, at worst, would send your...


Read more: Inappropriate fees report - infected eMail warning

Nigerian 419 Scams are still active - Warning

danger iconThe dreaded, and dreadful, Nigerian 419 Scams are still dropping into our inboxes from time to time. I don't know if the scammers think our attention span is so poor we'll forget about them if they stop sending them for a while or not?

These scams attempt to con the reader into sending their bank details off to total strangers who pretend to offer you the chance to "help them out" by transferring funds from some bank account wherever it may be, into yours to basically launder it, then transfer...


Read more: Nigerian 419 Scams are still active - Warning

Your latest invoice from The Fuelcard Company spoof eMail Warning!

danger iconYour latest invoice from The Fuelcard Company UK Ltd pretending to come from This email address is being protected from spambots. You need JavaScript enabled to view it. with a malicious word doc or Excel XLS spreadsheet attachment  is another one from the current bot runs which try to download various Trojans and password stealers especially banking credential stealers. They are using email addresses and subjects that will entice a user to read the email and open the attachment.

The contents of the spoof email are similar to the following:

Please find your...


Read more: Your latest invoice from The Fuelcard Company spoof eMail Warning!

Statement from [RANDOM FIRM] eMail Warning

danger iconA second round of infected emails hitting my inbox today! This time the Subject starts with "Statement from" and follows with a random firm's name. This evening I've received infected emails from a couple of random firms, whose names are all in Capitals so a bit of a giveaway there.

The content is pretty similar and punctuation is pretty appaling. Of course this email is NOT sent by the firms mentioned but the firm's email address is spoofed and their accounts have not been hacked...


Read more: Statement from [RANDOM FIRM] eMail Warning

Exchange Email id####### eMail Warning!!

danger iconWell, today's infected email is a strange one! The sender is me, alledgedly, having been supposedly sent from Administrator [AT] dragonrider.co.uk (there's no such email address existing by the way). The Subject is Administrator - Exchange Email id####### where the Administrator is taken from the sender's email prefix and the id is made up of 7 random characters which also makes up the infected attachment's filename.

Looking closer at the send path brings up the a more likely suspect email...


Read more: Exchange Email id####### eMail Warning!!

Essential OR Significant notification eMail Warning!

danger iconToday's round of infected emails have a Subject of either Significant or Essenital notification followed by a random 6 digit number and the content varies but is basically either:

Good morningGood Afternoon,We have attained a payment from you for the sum of £ 1265. Please would you provide me with a remittance, in order for me to conform the statement.I will be  handing on you a statement of outstanding invoices tomorrow, the whole amount of outstanding is £ 4434 less the 1 draft received...


Read more: Essential OR Significant notification eMail Warning!

Important information eMail Warning!

danger iconToday's infected email has the Subject of Important information and the subject is just

Good morning

Please find attached a remittance advice, relating to a payment made to you.

Many thanks

Regards,

Zachariah Burgess

Seniour Finance Assistant

Shame the guy can't spell Senior, might just have been a valid email if he could spell (NOT!)

The infected ZIP file has a file name starting with your email prefix plus"_" then random characters and ends with the filetype of .doc which is probably...


Read more: Important information eMail Warning!

Storm Sewer Project eMail Warning!

danger iconYet another round of infected spam emails arriving today, this time they have a Subject of CITY OF Port Arthur - STORM SEWER Project and come from various spoofed email address. The contents seem to be the same regardless of the apparent sender's address:

Please see attachment for contract.  Please sign and return.
 
Thanks      
 
Fred Stepp - Office Manager
McInnis Construction, Inc.,
675 South 4th Street
Silsbee, Texas 77656
email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Phone: 409-385-5767
Fax...


Read more: Storm Sewer Project eMail Warning!

Levy adjustment notice eMail Warning!

danger iconToday's round of infected emails have a Subject of "Levy adjustment notice", have an approx size of 31Kb and a ZIP attachment of 8 random characters as it's name.

The email has the contents of:

Be warned that VAT alters from Monday.
See the file enclosed.
Note that tax amounts to be paid to the tax authorities have to be reestimated.

Jane Nelson
Chief accountant

As always, never open such an attachment as they usually have a exe file embedded that will automatically run once opened and will...


Read more: Levy adjustment notice eMail Warning!

Check your requisite eMail Warning!

danger iconLatest batch of infected emails received today have a subject of Check your requisite and have a size of approx 31Kb with the content being

Good morning
Could You please check your requisite details under the contract #5yyx0U

Where the characters after the hash (#) are random but match the file name of the attached, and infected, zip file which in fact will contain an auto running exe file. If you open it, you'll infect your computer to send out even more of this infected rubbish. The four...


Read more: Check your requisite eMail Warning!