Skip to content

Jason Rush

Pseudo-random blatter of Jason Rush

  • Projects

Category Archives: Spam Email Breakdowns

DocuSign Phishing

Over the last week or so I’ve received two batches of slightly different DocuSign phishing attempts. They are typical “click a link in the email that downloads a malicious .doc you have to enable macros in” attacks, though the first time I’ve seen DocuSign as the bluff. Also somewhat interesting that these attacks seem to […]

Posted byJason RushMay 19, 2017May 19, 2017Posted inSpam Email BreakdownsTags: .doc, docusign, encoded, phishing, vb, vba, vbscriptLeave a comment on DocuSign Phishing

RE: OUTLOOK WEB NOTICE

Today a client received an email with the following contents: From: O’Malley, Mary Sent: Tuesday, September 13, 2016 1:24 AM Subject: OUTLOOK WEB NOTICE Your password Will Expire In {2} Days Current Faculty and Staff Should Log On To IT WEBSITE<http://xprs.imcreator.com/free/outlookweb/outlookexchange> To Validate Your E-mail.

Posted byJason RushSeptember 13, 2016September 13, 2016Posted inSpam Email BreakdownsTags: data collection, phishing, spamLeave a comment on RE: OUTLOOK WEB NOTICE

Donation of $ 1.5 million Dollars!

Yesterday I received an email titled “Donation of $ 1.5 million Dollars!” from “Chris Colin & Weir <[email protected]>” that contained the following: My wife and I have awarded you with a donation of $ 1.5 million Dollars from part of our Jackpot Lottery of 161,653,000 Million Pounds, send your name,address, phone for claims. View http://www.bbc.co.uk/news/uk-scotland-glasgow-west-18801698 […]

Posted byJason RushSeptember 9, 2016September 8, 2016Posted inSpam Email BreakdownsTags: bbc, chris colin & weir, donation, lottery, phishing, spamLeave a comment on Donation of $ 1.5 million Dollars!

[DOMAIN]_contract

The following email was received by a client (email domain redacted to “<DOMAIN>”), with an attachment named “<DOMAIN>_contract.doc”: From: [email protected] [mailto:[email protected]] Sent: Wednesday, July 13, 2016 9:29 AM To: <EMPLOYEE NAME> Subject: Re: <DOMAIN> contract   I have attached our contract. Please check it and let me know if you want to add any changes.   Thank […]

Posted byJason RushJuly 14, 2016May 19, 2017Posted inSpam Email BreakdownsTags: contract, enable content, enable editing, malware, spam, vba, vbscriptLeave a comment on [DOMAIN]_contract

Data collection spam

Looking through my Gmail spam folder today, I noticed many emails along the lines of the following (Note: the To address is not mine, so I’m not sure where it came from): —–Original Message—– From: Wal-Mart Reward Points [mailto:[email protected]] Sent: Saturday, June 11, 2016 10:46 AM To: [email protected] Subject: Attn:Shopper:#4498-Order Confirmation-now needed-for-your store-orders.   <http://bit.ly/1OfOv49> WaImart…..Live Better. […]

Posted byJason RushJune 22, 2016June 24, 2016Posted inSpam Email BreakdownsTags: address, amazon, amazon prime, birthday, costco, data, data collection, date of birth, gift card, outback steakhouse, prize, survey, sweepstakes, walmartLeave a comment on Data collection spam

Re: unknown charge on my card

I received the following email from our address on a clients system (with their email domain name redacted): From: [email protected] [mailto:[email protected]] Sent: Thursday, June 16, 2016 6:36 AM Subject: Re: unknown charge on my card What is this $816.27 charge on my credit card? It shows this amount charged by <REDACTED DOMAIN NAME>. Please check […]

Posted byJason RushJune 16, 2016June 24, 2016Posted inSpam Email BreakdownsTags: .doc, spam, vb, vba, vbscriptLeave a comment on Re: unknown charge on my card

Attached scan doc

The other day a client received the below email with an attached .html file (“dropbox file share.html”): From: Jonathan Wunrow [mailto:[email protected]] Sent: Wednesday, June 15, 2016 11:33 AM Subject: Attached scan doc See the Attached quote file — Make it a  Great Day! Jonathan Wunrow Program Manager/Grant Writer Cell – (907) 617-9956

Posted byJason RushJune 16, 2016June 16, 2016Posted inSpam Email BreakdownsTags: .doc, aol, dropbox, gmail, hotmail, phishing, spam, yahooLeave a comment on Attached scan doc

Good morning – malicious Javascript attachment

A friend received an email titled “Good morning” with the following contents: I was visting your webpage on 5/5/2016 and I’m interested. I’m currently looking for work either full time or as a volunteer to get experience in the field. Please look over my Resume and let me know your thoughts. Regards, — Chaitanya Prabhat […]

Posted byJason RushMay 6, 2016June 16, 2016Posted inSpam Email BreakdownsLeave a comment on Good morning – malicious Javascript attachment

madeiraexotics.com – Your Email Termination

The original message: Your email have been reported for sending spam messages (Email Messages Containing Banned Or Illegal Content) Your attention is required to avoid permanent termination of your email account. Copy below link to browser to verify your email address. http://webmail.com.service.onlineaccountservice.online.madeiraexotics.com/webmail.com/ Failure to comply will result to permanent termination of your email account Webmail […]

Posted byJason RushSeptember 4, 2013January 11, 2016Posted inSpam Email BreakdownsTags: javascript, phishing, spamLeave a comment on madeiraexotics.com – Your Email Termination

Winning notification – Information collection

From: [email protected] Subject: FW: WINNING NOTIFICATION OPEN THE FILE Included a Microsoft Word document “MICROSOFT AWARD PROMOTION 2013.doc”

Posted byJason RushJuly 23, 2013January 11, 2016Posted inSpam Email BreakdownsTags: .doc, microsoft, phishing, yahooLeave a comment on Winning notification – Information collection

Posts navigation

1 2 Older posts
Jason Rush, Proudly powered by WordPress.
  • Spam Email Breakdowns
  • Fixes
  • Announcements
  • Contact