MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject “NEW ORDER (URGENT AIR SHIPMENT) ”.
On the 4th August we detected and intercepted a similar campaign Fake email NEW ORDER PO_A2528/20160806 from Cimcoop Holding contains malware but with a ZIP file.
This fake email is send from the spoofed address “Andrea Scott <firstname.lastname@example.org>”, is signed with the name Andrea Scott from Cimcoop Holding LTD and has the following body:
Please find attached our new orders and qoute your best prize. Your urgent response will be appreciated as we would like delivery to done mid September if possible.
Do let us know if you have any further queries and we look forward to hear from you soon.
Cimcoop Holding LTD