Sponsored by..

Monday, 18 January 2016

Malware spam FAIL: "Statements" / Alison Smith [ASmith@jtcp.co.uk]

This fake financial email does not come from J Thomson Colour Printers but is instead a simple forgery with a malicious attachment.
From     Alison Smith [ASmith@jtcp.co.uk]
Date     Mon, 18 Jan 2016 18:27:36 +0530
Subject     Statements

Sent 12 JAN 16 15:36

J Thomson Colour Printers
14 Carnoustie Place


G5 8PB

Telephone 0141 4291094
Fax 0141 4295638
Attached is a file S-STA-SBP CRE (0036).xls which is actually corrupt, due to a monumental failure by the bad guys. The payload is meant to be the Dridex banking trojan, but since Friday the attachments have been messed up and will either appear to be garbage or zero length. The payload itself should look similar to this one, also spoofing the same company.

No comments: