From: Marc - The Furniture Market [firstname.lastname@example.org]
Date: 17 September 2014 15:40
Subject: TFM Confirmation - Order R12003585
Thank you for your order. Please find attached to this mail, confirmation of the products ordered and collected from us earlier today.
Should you have any further queries, then please do not hesitate to contact us.
The Furniture Market
( Tel: 01829 759 259
: web: www.thefurnituremarket.co.uk
VAT No. 904103182 │ Company No. 6491540
Please consider the environment before printing this e-mail
find us on facebooktwitter-logo-follow1 trustpilot-coolpriser
It is trivially easy to fake who an email message is "From", and this email looks very convincing which makes me suspect that the bad guys have based it on a real message, possibly harvested from a hacked computer.
The attachment is IR12003585-001.pdf which is a malicious PDF file with a VirusTotal detection rate of 10/54. The VT report indicates that it is using vulnerability CVE-2013-2729 to execute malicious code. If you are using an up-to-date version of Acrobat Reader (or an alternative PDF reader) then there is a good chance that you will be OK.
The Furniture Market gets considerable kudos in my book for being very on the ball and having a great big warning notice on their site. Hopefully they are just as efficient when it comes to delivering furniture!