Sponsored by..

Friday 24 April 2015

Malware spam: "Pidwell, Nigel [nigel.pidwell@ssecontracting.com]" / "Western Order"

The spam email is not from SSE Contracting, but is instead a simple forgery with a malicious attachment:
From:    Pidwell, Nigel [nigel.pidwell@ssecontracting.com]
Date:    24 April 2015 at 08:47
Subject:    Western Order


Nigel Pidwell
SSE Contracting Limited
T: +44 (0) 1637 889506
E: nigel.pidwell@ssecontracting.com
Unit 8, Hurling Way,
St Columb Major Business Park, St Columb Major, Cornwall

So far I have only seen one sample Western Order.doc [VT 4/57] which contains a malicious macro [pastebin] which is functionally identical to the one used in this spam run which was also happening this morning.


Unknown said...

I received an identical email today although I didnt open the link.

Lynn Baillie said...

I received this also but as I deal with SSE I thought it was real. I am normally extremely careful not to open attachments but as I deal with SSE and norton didn't flag any issues I opened the WORD doc. What should I do to prevent any harm? What do you expect is in the doc that could cause problems?