Info collector

Latest SPAM

Malware spam: Scotiabank / “Secure email communication” / Secure.Mail@scotiabankmail.com

By on April 27, 2017 in Latest SPAM

This fake financial spam leads to malware: From:    ScotiaBank [Secure.Mail@scotiabankmail.com]Date:    27 April 2017 at 14:13Subject:    Secure email communicationSigned by:    scotiabankmail.comScotia Secure Email LogoSecure mail waiting: (Secure)Scotiabank has sent you a secure, encrypted e-mail message. To view this e-mail, please visit “Scotiabank Secure Email Service” or check attach

Continue Reading »

Malware spam: Royal Mail Grоup / “Delivery attempt fail notice”

By on April 27, 2017 in Latest SPAM

This fake Royal Mail email leads to malware. From: Aretha Stickles [mailto:support@360modshop.com] Sent: 27 April 2017 12:31Subject: Delivery attempt fail noticeDеаr customеr [redacted]Your pаrcel has been in the post office for a very long time.You must to receive it it within five days.TRACKING: RB379949016UK Expeсted Delivery Dаte: April 21, 2017 Class: Packagе Servicеs Sеrvicе: Delivery

Continue Reading »

Malware spam: “Copy of your 123-reg invoice” / no-reply@123-reg.co.uk

By on April 19, 2017 in Latest SPAM

This fake financial spam does not come from 123-Reg (nor is it sent to 123-Reg customers). It has a malicious attachment. From     no-reply@123-reg.co.ukDate     Wed, 19 Apr 2017 17:19:51 +0500Subject     Copy of your 123-reg invoice ( 123-093702027 )Hi [redacted],Thank you for your order.Please find attached to this email a receipt for this payment.Help […]

Continue Reading »

Malware spam: “RE: RE: ftc refund” / secretary@ftccomplaintassistant.com

By on April 17, 2017 in Latest SPAM

This fake FTC email leads to malware. Curiously, it was sent to a company that received a multimillion dollar FTC fine, but this is almost definitely a coincidence. From:    Federal Trade Commission [secretary@ftccomplaintassistant.com]Date:    17 April 2017 at 15:25Subject:    RE: RE: ftc refundIt seems we can claim a refund from the FTC.Check this out and give […]

Continue Reading »

Malware spam: “Company Documents” / WebFilling@companieshousemail.co.uk and companieshouseemail.co.uk plus others

By on April 13, 2017 in Latest SPAM

This spam email does not come from Companies House, but is instead a simple forgery with a malicious attachment: From:    Companies House [WebFilling@companieshousemail.co.uk]Date:    13 April 2017 at 11:10Subject:    Company DocumentsSigned by:    companieshousemail.co.uk Company Documents This

Continue Reading »

Pump and dump spam: Quest Management Inc (QSMG) stock

By on April 11, 2017 in Latest SPAM

Following on from last month’s INCT pump and dump spam the Necurs botnet is now promoting Quest Management Inc (QSMG) instead. From:    Jenna GoffDate:    11 April 2017 at 13:37Subject:    FDA approval is about to send this stock up fifty foldWhy is Quest Management (Symbol: QSMG) guaranteed to jump 5,000% this month?They have a cure for […]

Continue Reading »

Malware spam: “DHL Urgent Delivery”

By on April 11, 2017 in Latest SPAM

This fake DHL spam includes the recipients real name. In this case it was sent to someone in Germany, but written in English. The malware payload is identical to this one in Polish. Von: DHL Parcel [mailto:info@glaefcke.de] Gesendet: Dienstag, 11. April 2017 11:03An: [redacted]Betreff: DHL Urgent DeliveryYOUR DELIVERY IS TODAY Hi, [redacted]The scheduled delivery is […]

Continue Reading »

Malware spam: “Sprawdź stan przesylki DHL”

By on April 11, 2017 in Latest SPAM

This spam targeting Polish victims seems quite widespread. It leads to malware. The email is personalised with the victim’s real name which has been harvested from somewhere. From: DHL Express (Poland) [mailto:biuro@nawigatorxxi.pl] Sent: Monday, April 10, 2017 7:09 PM To: [redacted] Subject: Sprawdź stan przesylki DHL Sprawdź stan przesylki DHL Szanowny Kliencie, [redacted] Informujemy,

Continue Reading »

borezo.info – spam selling anti-spam services

By on April 3, 2017 in Latest SPAM

If you are in the business of selling spam filtering.. it is probably not a good idea to do it by sending out spam.. From:    Camille Arpaillange [contact@borezo.info]To:    contact@[redacted]Date:    3 April 2017 at 15:55Subject:    [redacted] – Protect emails received on your domain nameSigned by:    sg.borezo.infoDiscover our SaaS solutionAnti-Virus, Anti-Spam and Anti-Phishing SMTP

Continue Reading »

25.0.0.0/8 is not your private network

By on April 3, 2017 in Latest SPAM

A recent phishing email originating from an Office 365 caused some confusion.. apparently originating fom an address in the 25.0.0.0.8 range which according to a WHOIS lookup is the UK’s Ministry of Defence. % Abuse contact for ‘25.0.0.0 – 25.255.255.255’ is ‘hostmaster@mod.uk’inetnum:        25.0.0.0 – 25.255.255.255netname:        UK-MOD-19850128country:        GBorg:           

Continue Reading »

Top