Yesterday I received again an email from an address that should look like my boss email address.
Dienstag, 3. Oktober 2017 08:34 Guten Abend, In der Anlage das SEPA Formular und die neue Rechnungsanschrift. http://uk-timber.co.uk/Angebot-OMHZG-046754/ Viele GrÃ¼ÃŸe Boss Name
I've uploaded the file to VirusTotal and only 5 antivirus detected it as a virus.
Here you find the reports:
- Payload Security: https://goo.gl/tG5s7S
- VirusTotal (website analysis): https://goo.gl/XHK7eq
- VirusTotal (file analysis): https://goo.gl/8yZaj8
I've just sent an email to uk-timber.co.uk. I hope this time the file is removed faster! I've already submitted the file to:
It's funny, last month I turned off Microsoft Essential and switched to Avira (I read this). Avira does still not detect this file as a thread! I submitted the file there too.
Today another email with following text:
Mittwoch, 4. Oktober 2017 05:10 Hallo Riva, Mauro, Im Anhang dieser E-Mail erhalten Sie Ihre Rechnung. http://alvalley.com/16943-99275994359/ Viele GrÃ¼ÃŸe Boss.Name@our-institute.uni-hannover.de
The file is only by 2 antivirus as a thread detected!
No engines detect the website as a thread yet: report here