Dynamoo's Blog: Malware spam: "Pidwell, Nigel [nigel.pidwell@ssecontracting.com]" / "Western Order"

Friday, 24 April 2015

Malware spam: "Pidwell, Nigel [nigel.pidwell@ssecontracting.com]" / "Western Order"

The spam email is not from SSE Contracting, but is instead a simple forgery with a malicious attachment:

From:    Pidwell, Nigel [nigel.pidwell@ssecontracting.com]
Date:    24 April 2015 at 08:47
Subject:    Western Order

Regards

Nigel Pidwell
Administrator
SSE Contracting Limited
T: +44 (0) 1637 889506
E: nigel.pidwell@ssecontracting.com
Unit 8, Hurling Way,
St Columb Major Business Park, St Columb Major, Cornwall
TR9 6SX
www.sseenterprise.co.uk

So far I have only seen one sample Western Order.doc [VT 4/57] which contains a malicious macro [pastebin] which is functionally identical to the one used in this spam run which was also happening this morning.

2 comments:

Unknown said...: I received an identical email today although I didnt open the link.; 24 April 2015 at 13:03
Lynn Baillie said...: I received this also but as I deal with SSE I thought it was real. I am normally extremely careful not to open attachments but as I deal with SSE and norton didn't flag any issues I opened the WORD doc. What should I do to prevent any harm? What do you expect is in the doc that could cause problems?

Thanks.; 24 April 2015 at 13:50

Dynamoo's Blog

Link List

Sponsored by..

Friday, 24 April 2015

Malware spam: "Pidwell, Nigel [nigel.pidwell@ssecontracting.com]" / "Western Order"

2 comments: