Fake email (PCN) Parking Charge Notice from Havering London Borough


MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the notification of a parking chare note from Havering London Borough Email Reporting Service (PCN) ID: IBC/237 Email Notification Service (PCN) Record ID: NWT/99 Email Reminder Service (PCN) Record ID: MHD/611 This email is send from the spoofed addresses: The London … Continue reading Fake email (PCN) Parking Charge Notice from Havering London Borough

New Javascript malware in email DHL Express “Pakket gemist”


MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject "Pakket gemist" targetting specific .nl domains. This email is send from the spoofed address "DHL Express <pakket-gemist@dhl-express.nl>" and has the following body in Dutch: DHL Express Helaas, we hebben je gemist! Er was niemand thuis toen onze bezorger bij … Continue reading New Javascript malware in email DHL Express “Pakket gemist”

New WSF malware in email with subject “Fixed invoices”


MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject "Fixed invoices". This email is send from the spoofed addresses and has the following body: Dear fabbfdcc7, Sorry for mistakes in the invoice. The number is 362, the amount came to $289.26. Please check out the details in the … Continue reading New WSF malware in email with subject “Fixed invoices”

Email based threat leads to malicious Word file


MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with different content. Sample 1: From:  "rm@restaurantcocotte.com" <rm@restaurantcocotte.com> Subject: ******.be due invoice Content: I tried to fax you the invoice we discussed about over the phone. It did not go through, so we uploaded it to our invoice portal : Due Invoice … Continue reading Email based threat leads to malicious Word file

New VBS malware in email “Please verify” leads to Locky


MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject "Please verify". This email is send from the spoofed addresses and has the following body: Hey *******, as you requested, I have proofread the technical document you sent. There are some confused parts in it. Please verify the parts … Continue reading New VBS malware in email “Please verify” leads to Locky

New VBS malware in email with subject “Bill” – Locky ransomware


MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject "Bill". This email is send from the spoofed addresses and has the following body: Dear ******* To continue using our maintenance service, please pay for last month's fee by 4th of November. The bill is attached in the email. … Continue reading New VBS malware in email with subject “Bill” – Locky ransomware