August 2016 – The latest round of spam emails invite the reader to view an invoice that is attached to the email.
What I find alarming is the spammer has managed to send these spam emails to email addresses which are not in the public domain.
They are email addresses we setup for specific use, often with a single company. Put simply, they are forwarders.
- firstname.lastname@example.org – (redirects to our main mailbox)
Which basically means, our forwarder security has been compromised. There is no way that a spammer could have discovered these addresses in the public domain.
Typical Spam Email
Here are 4 that arrived in at the same time.
You will see your invoice (ID. 4375900 – 2802.74 AUD) included to this notification. We respectfully request you to remit payment at your earliest , be informed that the due date is 10 days from today’s date.
In case you have already processed this payment, we kindly ask you to ignore this email. Should you have further questions, connect with us at (07) 30690107.
Andrews Insurance Services P/L
We are thankful for doing business with us. You are receiving this email to inform you that your invoice ( 913306) for A$2,347.52 is 8 days past payment day.
For details, check the enclosed document.
Suplest Australia Pty Ltd | Knight Composites Australasia Pty Ltd
Please find your invoice (ref. 5560233 – 2,805.84 $) enclosed below. Please send funds at your earliest chance, just be advised that the due date is ten days from the day of this email.
If you have already sent this payment, we kindly ask you to ignore this letter. Shall you have further questions, connect with us at (02) 42553934.
Thanks for being with us!
We are thankful for your business. You are receiving this notification to let you know that your account (ref: 574704) for A$1224.61 is 8 days overdue.
To view information, see the enclosed sheet.
Thanks so much,
Now heres the catch… if you run a virus checker over the attachment, it will reprt it is OKL, but when you then try and open the file is when the trouble starts. You can see the message (thumbnail) which reports that WORD has encountered an issue and to click OK. Thats when the fun begins. Clicking OK starts a download program that will infect your PC.
Do NOT try and open it or click OK
Delete the spam email and attachment.
- Set-up a message rule
- Block it
- Mark As SPAM
- Blow it up