MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject “NEW ORDER PO_A2528/20160806”.
This fake email is send from the spoofed address “Irina Metodieva [email@example.com]”, is signed with the name Irina Metodieva from Cimcoop Holding LTD and has the following body:
Please find attached our PO_A2528/20160803, kindly send us Proforma Invoice for the listed attached products and your possible estimated delivery time to enable us proceed accordingly
Your prompt reply is needed.
Cimcoop Holding LTD
The attached file PO_A252820160806.zip contains the file PO_A252820160806.scr.