The Trojan of the Month Award goes to: Avril Sparrowhawk CWIH8974 PAYMENT RECEIVED

I just got a bit of malware spam: “CWIH8974 PAYMENT RECEIVED” / “Avril Sparrowhawk [Avril.Sparrowhawk@lescaves.co.uk]”

This fake financial spam does not come from Les Caves de Pyrene but is instead a simple forgery with a malicious attachment. How did I know it was spam? I don’t buy wine. 🙂

If you receive this e-mail, delete it immediately and contact your IT Support company. Do not open the attachment(s).

virusThe attached file is a malicious document “CWIH8974.doc” which has a low detection rate. There are likely other variants of this virus going around but in the cases we’ve seen it downloads a malicious executable file from.

The virus itself allows the hacker to compromise the web browser so that when the user tries to log in to their Internet Banking, the details are leaked to the hacker who attempts to withdraw funds from the user’s bank account.

From: Avril Sparrowhawk [Avril.Sparrowhawk@lescaves.co.uk]
Date: 22 December 2015 at 11:14
Subject: CWIH8974 PAYMENT RECEIVED
Continue reading “The Trojan of the Month Award goes to: Avril Sparrowhawk CWIH8974 PAYMENT RECEIVED”

Advertisements