Berendsen UK Ltd Invoice 60020918 11 being spammed containing a word/excel document with embedded macro.
These emails aren't from Berendsen UK Ltd at all, they just being used to make the email look more genuine, ie. from a real company.
Note
It's also worth remembering that the company itself may not have any knowledge of this email and it's link(s) or attachment as it won't have come from their servers and IT systems but from an external bot net.
It's not advised to ring them as there won't really be anything they can do to help you. |
Company:
Berendsen is part of Berendsen plc, a leading provider of support services in the UK.
Berendsen UK Limited. Incorporated in England No. 228604.
Registered Office: 4 Grosvenor Place, London
SW1X 7DL
01256 339 200 |
Message Header:
From: {donotreply@berendsen.co.uk}
Subject: Berendsen UK Ltd Invoice 60020918 117
Message Body:
Dear Sir/Madam,
Please find attached your invoice dated 21st
February.
All queries should be directed to your branch that provides the
service.
This detail can be found on your invoice.
Thank you.
|
___________________________________________________________
This e-mail
and any attachments it may contain is confidential and
intended for the use
of the named addressee(s) only. If you are not
the intended recipient, you
have received it in error, please
immediately contact the sender and delete
the material from your
computer system. You must not copy, print, use
or disclose its
contents to any person. All e-mails are monitored for traffic
data and
the content for security purposes.
Berendsen UK Ltd, part of
the Berendsen plc Group.
Registered Office: 4 Grosvenor Place, London, SW1X
7DL.
Registered in England No. 228604
Attachment:
IRN001549_60020918_I_01_01.doc
IRN001549_60020918_I_01_01.xls
Md5 Hashes:
ff3c3fbeed637cccc7549636b7e0f7cdb [1]
f037944013dc6074413dc5551d8fc305
[2]
03b3e2f0e14aa48c124e9814ca3038d7 [3] |
Malware Macro document information:
VirusTotal Report [1] (hits 0/57 Virus Scanners)
VirusTotal Report [2] (hits 0/57 Virus Scanners)
VirusTotal Report [3] (hits 0/57 Virus Scanners) |
NOTE
The current round of Word and Excel attachments are targeted at Windows users.
Apple and Android software can open these attachments and may even manage to run the macro embedded inside the attachment.
The auto-download file is normally a windows executable and so will not currently run on any operating system, apart from Windows.
However, if you are an Apple/Android user and forward the message to a Windows user, you will them put them at risk of opening the attachment and auto-downloading the malware.
Currently these attachments try to auto-download Dridex, which is designed to
steal login information regarding your bank accounts (either by key logging, taking auto-screens hots or copying information from your clipboard (copy/paste)) |
Cheers,
Steve
1 comment:
Many thanks - I just received the same, apparently from IP 87.104.218.135
Post a Comment