20171003 virus capture macro min

#Security: Phishing with Macros once again!

  phishing   macros   security

Yesterday I received again an email from an address that should look like my boss email address.

Dienstag, 3. Oktober 2017 08:34
Guten Abend,

In der Anlage das SEPA Formular und die neue Rechnungsanschrift.

Viele Grüße
Boss Name
Macro Virus
VirusTotal report

I've uploaded the file to VirusTotal and only 5 antivirus detected it as a virus.

Here you find the reports:

I've just sent an email to uk-timber.co.uk. I hope this time the file is removed faster! I've already submitted the file to:

  • Avira
  • Sophos
  • Microsoft
  • Kaspersky
  • ...

It's funny, last month I turned off Microsoft Essential and switched to Avira (I read this). Avira does still not detect this file as a thread! I submitted the file there too.



Today another email with following text:

Mittwoch, 4. Oktober 2017 05:10
Hallo Riva, Mauro,

Im Anhang dieser E-Mail erhalten Sie Ihre Rechnung.

Viele Grüße


The file is only by 2 antivirus as a thread detected!

Macro Virus
VirusTotal report

No engines detect the website as a thread yet: report here

{{ message }}

{{ 'Comments are closed.' | trans }}