Dynamoo's Blog

Yesterday I saw a series spam emails from Necurs apparently attempting to collect replies to super.testtesttest2018@yahoo.com . Although t...

This email is sent from the Necurs botnet and appears to be collecting automatic replies, using a Reply-To email address of super.testtest...

This fake invoice comes with a malicious attachment: From :    invoices@ebillinvoice.com Date :    18 July 2017 at 09:37 Subject :   ...

It's been a little while since we've since an illegal pump-and-dump spam from the Necurs botnet, but here is a new one pushing a ...

This spam pretends to come from John Miller Ltd (but doesn't) and comes with a malicious payload. The domain mentioned in the email d...

Currently underway is a malicious spam run with various subjects, for example: Scan_5902 Document_10354 File_43359 Senders are random,...

Another day and another fake DHL message leading to an evil .js script. From : DHL Parcel UK [redacted] Sent : 02 May 2017 09:30 To : [...

This fake financial spam leads to malware: From :    ScotiaBank [Secure.Mail@scotiabankmail.com] Date :    27 April 2017 at 14:13 Subje...

This fake Royal Mail email leads to malware. From : Aretha Stickles [mailto:support@360modshop.com] Sent : 27 April 2017 12:31 Subject ...

This fake financial spam does not come from 123-Reg (nor is it sent to 123-Reg customers). It has a malicious attachment. From     no-r...

This fake FTC email leads to malware. Curiously, it was sent to a company that received a multimillion dollar FTC fine, but this is almost...

This spam email does not come from Companies House, but is instead a simple forgery with a malicious attachment: From:    Companies House...

Following on from last month's INCT pump and dump spam the Necurs botnet is now promoting a Latvian company Quest Management Inc (QSM...