This fake invoice is a forgery with a malicious attachment:
From: invoices@ebillinvoice.com
Date: 18 February 2015 at 09:01
Subject: UK Fuels Esso E-bill
Customer No : 90714
Email address : [redacted]
Attached file name : 36890_06_2015.DOC (ZIP)
Dear Customer
Please find attached your invoice for Week 06 2015.
If you have any queries regarding your e-bill you can contact us at invoices@ebillinvoice.com.
Alternatively you can log on to your account at www.velocitycardmanagement.com to review your transactions and manage your account online.
Yours sincerely
Customer Services
UK Fuels
======================================================
This email, its content and any files transmitted with
it are confidential and intended solely for the use of
the individual(s) to whom it is addressed.
If you are not the intended recipient, be advised that
you have received this email in error and that any use,
dissemination, forwarding, printing or copying of
this email is strictly prohibited.
======================================================
I have only seen a single sample of this, with a ZIP file
36890_06_2015.zip attached, which in turn contains a document
36890_06_2015.doc. This document contains a malicious macro, and is exactly the same as the one used in
this campaign leading to the Dridex banking trojan.
No comments:
Post a Comment