Over the last week or so I’ve received two batches of slightly different DocuSign phishing attempts. They are typical “click a link in the email that downloads a malicious .doc you have to enable macros in” attacks, though the first time I’ve seen DocuSign as the bluff. Also somewhat interesting that these attacks seem to […]
Category Archives: Spam Email Breakdowns
RE: OUTLOOK WEB NOTICE
Today a client received an email with the following contents: From: O’Malley, Mary Sent: Tuesday, September 13, 2016 1:24 AM Subject: OUTLOOK WEB NOTICE Your password Will Expire In {2} Days Current Faculty and Staff Should Log On To IT WEBSITE<http://xprs.imcreator.com/free/outlookweb/outlookexchange> To Validate Your E-mail.
Donation of $ 1.5 million Dollars!
Yesterday I received an email titled “Donation of $ 1.5 million Dollars!” from “Chris Colin & Weir <[email protected]>” that contained the following: My wife and I have awarded you with a donation of $ 1.5 million Dollars from part of our Jackpot Lottery of 161,653,000 Million Pounds, send your name,address, phone for claims. View http://www.bbc.co.uk/news/uk-scotland-glasgow-west-18801698 […]
[DOMAIN]_contract
The following email was received by a client (email domain redacted to “<DOMAIN>”), with an attachment named “<DOMAIN>_contract.doc”: From: [email protected] [mailto:[email protected]] Sent: Wednesday, July 13, 2016 9:29 AM To: <EMPLOYEE NAME> Subject: Re: <DOMAIN> contract I have attached our contract. Please check it and let me know if you want to add any changes. Thank […]
Data collection spam
Looking through my Gmail spam folder today, I noticed many emails along the lines of the following (Note: the To address is not mine, so I’m not sure where it came from): —–Original Message—– From: Wal-Mart Reward Points [mailto:[email protected]] Sent: Saturday, June 11, 2016 10:46 AM To: [email protected] Subject: Attn:Shopper:#4498-Order Confirmation-now needed-for-your store-orders. <http://bit.ly/1OfOv49> WaImart…..Live Better. […]
Re: unknown charge on my card
I received the following email from our address on a clients system (with their email domain name redacted): From: [email protected] [mailto:[email protected]] Sent: Thursday, June 16, 2016 6:36 AM Subject: Re: unknown charge on my card What is this $816.27 charge on my credit card? It shows this amount charged by <REDACTED DOMAIN NAME>. Please check […]
Attached scan doc
The other day a client received the below email with an attached .html file (“dropbox file share.html”): From: Jonathan Wunrow [mailto:[email protected]] Sent: Wednesday, June 15, 2016 11:33 AM Subject: Attached scan doc See the Attached quote file — Make it a Great Day! Jonathan Wunrow Program Manager/Grant Writer Cell – (907) 617-9956
Good morning – malicious Javascript attachment
A friend received an email titled “Good morning” with the following contents: I was visting your webpage on 5/5/2016 and I’m interested. I’m currently looking for work either full time or as a volunteer to get experience in the field. Please look over my Resume and let me know your thoughts. Regards, — Chaitanya Prabhat […]
madeiraexotics.com – Your Email Termination
The original message: Your email have been reported for sending spam messages (Email Messages Containing Banned Or Illegal Content) Your attention is required to avoid permanent termination of your email account. Copy below link to browser to verify your email address. http://webmail.com.service.onlineaccountservice.online.madeiraexotics.com/webmail.com/ Failure to comply will result to permanent termination of your email account Webmail […]
Winning notification – Information collection
From: [email protected] Subject: FW: WINNING NOTIFICATION OPEN THE FILE Included a Microsoft Word document “MICROSOFT AWARD PROMOTION 2013.doc”