MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject “UKSM Invoice 12959596”.
This email is send from the spoofed address “Willa Tyler <TylerWilla61718@torontocorporatevideo.com>” and has the following body:
Good time of day,
Thank you for choosing UK Safety Management Ltd. to carry out your Portable Appliance Testing.
Please find enclosed your invoice.
The attached file invoice12959596.doc is a Word file with malicious macro.
The malware is detected as HEUR(high).VBA.Trojan or CXmail/OleDl-A by 2 of the 54 AV engines at Virus Total.