From: Clare ClementsSo far I have seen just one sample of this spam, and it was malformed so it was not possible to open the attachment without decoding it first. When done, this gave a file FILENAME.DOC with a detection rate of 3/54. The Malwr report for the document is inconclusive, but it most likely attempts to load the Dridex banking trojan.
Date: 13 January 2016 at 15:05
Subject: EDI Remittance Alert (BACS-E18020)
Please find attached EDI BACS Remittance NO. E18020