Swift Ref-0.9376372.arj

TrustPort Mail Antivirus
Virus: Trojan.GenericKD.31710131

Swift Ref-0.9376372.arjВідправник: Graeme Martin <graeme.martin@uglilimited.com>
Тема: Re: T/T USD 78,845.10
Вкладення: Swift Ref-0.9376372.arj
Текст: Good Day,
Please find attached payment information made to your account for settlement of invoice attached.
Kindly confirm once you received the payment.
Note: payment will be successfully received within 72 banking hours. If you didn’t give any feedback within 3-5 banking days, this payment will be considered successfully received.
Mr Graeme Martin
Abdullah M.Al-Shahrani Exchange
P.O.Box No. 86820, Riyadh .11632
Kingdom of Saudi Arabia
Telephone: +96612653413/ 2643411


TrustPort Mail Antivirus: в одному файлі 6 (!!!) вірусів. Віруси: Java.Trojan.GenericGBA.2621, Java.Trojan.GenericGB.26801, Java.Trojan.GenericGB.26827, Java.Trojan.GenericGB.26826, Java.Trojan.GenericGBA.2772, Java.Trojan.GenericGB.26802

PAYMENT_invoice,24958.jarВідправник: “Ming Yao”<Admin@accounts.google.com>
Вкладення: PAYMENT_invoice,24958.jar
Текст: Good day,

I sincerely apologize for the late response.

We are ready to remit payment of due invoices.

Kindly confirm account details in attached invoice as requested by our financial department.

Best Regards.
Ming Yao
Sales Manager…

Увага, шахраї! Порношантаж!

Увага, шахраї! Порношантаж!Останні 6-7 місяців дуже багато власників корпоративних email отримують подібні листи, в яких шахраї вимагають від 300 до 3 тисяч USD в біткоінах.
В кожному з цих листів шахраї розповідають, що вони встановили на ваш ПК дуже “круту” программу, яка перехоплює всі паролі і антивірус ії не може побачити. Майте на увазі, що це афєра.

Текст: This account was recently hacked! Renew your password immediately!
You may not heard about me and you obviously are most probably interested why you are getting this electronic message, proper?
I’m ahacker who exploitedyour email boxand systemsome time ago.
Don’t make an attempt to get in touch with me or alternatively look for me, it is impossible, because I directed you this message using YOUR account that I’ve hacked.
I have set up malware to the adult vids (porno) site and guess you have spent time on this site to have some fun (you realize what I mean).
During you have been taking a look at content, your internet browser started out functioning like a RDP (Remote Control) with a keylogger which granted me permission to access your display and webcam.
After that, my programgotall information.
You have entered passcodes on the websites you visited, and I intercepted them.
Surely, you can modify them, or have already changed them.
But it really does not matter, my spyware updates information regularly.
What did I do?
I compiled a reserve copy of the system. Of all the files and each contact.
I have managed to create dual-screen record. The 1 section shows the clip you were watching (you’ve got a very good preferences, wow…), and the 2nd screen presents the recording from your webcam.
What must you do?
So, in my opinion, 1000 USD is a reasonable amount of money for our very little riddle. You’ll make the payment by bitcoins (if you don’t understand this, search “how to buy bitcoin” in Google).
My bitcoin wallet address:
(It is cAsE sensitive, so copy and paste it).
You have 48 hours to send the payment. (I have an exclusive pixel in this message, and at the moment I understand that you have read through this email).
To trackthe reading of a letterand the actionswithin it, I utilizea Facebook pixel. Thanks to them. (Anything thatcan be usedfor the authorities can helpus.)

In the event I fail to get bitcoins, I’ll undoubtedly give your video to each of your contacts, including relatives, co-workers, etc?

Акція на антивірус TrustPort Total Protection 1 рік 1 ПК

TrustPort Total Protection 1 рік 1 ПКЗ 22 січня 2019 до 31 березня антивірус TrustPort Total Protection 1 рік 1 ПК за акційною ціною – лише 25 USD.

Купити TrustPort Total Protection 1 рік 1 ПК

Акція діє на теріторії України (крім окупованих районів).


Вірус: Exploit.RTF-ObfsStrm.Gen
Відправник: “Al-Ayati Exchange” <h.ke@rug.nl>
Тема: Remittance
Текст: Dear sir,

Kindly re-confirm the Account number in the attached final invoice for remittance as advised by your customer to enable us remit the money into your account. Please confirm if the attached is yours correct account details so we can proceed with the remittance.

Ayati Sen
Al-Ayati Exchange
Add: Al Ansari Business Center, Level 7,
P.O.Box 6176, Istanbul, Turkey.
Tel:+90 71 600 54 600.



Re: RV: Contract 032619/payment

Вірус: Trojan.GenericKD.40923851
Відправник: “Info Secoex.com”<info@secoex.com>
Тема: Re: RV: Contract 032619/payment
Текст: Good Morning,
As advised by our sister company,please kindly find attached our order confirmation and payment copy.
View enclosed & advise at your earliest.

Налоговая запросила закрывающие документы, на договор от 01.01.2018г.

Лист має лінк на заархівований інфікований файл з розширенням “.SCR”
Вірус: Trojan.GenericKD.40870004
Відправник: ксюта <admin@mcsgo.ru>
Тема: накладные
Текст: Извиняюсь за позднее беспокойство
Налоговая запросила закрывающие документы, на договор от 01.01.2018г.
Очень ждем.

Налоговая запросила закрывающие документы, на договор от 01.01.2018г.

Налоговая запросила закрывающие документы, на договор от 01.01.2018г.


Не новий, але безвідмовний спосіб поширення вірусів: кіберзлочинці використовують соціальну інженерію.

Вірус: Trojan.Agent.DLVQ

Відправник: неля <admin@carfromskay.ru>
Тема: претензия №1
Вкладення: претензия №1.zip
Текст: Добрый день
По заказу у Вас от 03.12.2017 на 18.12.2018 не выполнены условия договора. Список претензий отправлен Почтой России заказным письмом и на Ваш емайл. Если не будет добровольного урегулирования, мы будем вынуждены обратиться в суд.
Направляю список замечаний для устранения


price list.zip

TrustPort Mail Antivirus

Virus: Trojan.Agent.DLVQ (Xenon)

Відправник: “Kharrison Stiven” <admin@boxchicken.ru>
Тема: table
Вкладення: price list.zip
Текст: Good morning
We would to buy an order.
List is attached
Thank you in advance.

price list.zip

Payment Advice- Ref:[GLVA30125121] / ACH credits / Customer Ref:[HS9505138646] / Second Party Ref:[REM-350620]

Відправник: Robert Busuttil BA(Hons), MBA<management@ejbusuttil.com>
Тема: Payment Advice- Ref:[GLVA30125121] / ACH credits / Customer Ref:[HS9505138646] / Second Party Ref:[REM-350620]
Вкладення: Payment Advice- RefGLVA30125121 ACH credits.iso
Текст: Good morning
I trust all is brilliant with you this morning J
Attached kindly find our swift of payment in settlement of our pending PI!
Should you require any further information, do not hesitate to contact me,
Wishing you and all your team a superb day and thanks again,

Robert Busuttil BA(Hons), MBA
E.J.Busuttil Ltd.
Triq ix-Xorrox,
Tel: +356 214458851/ +356 214471842 ext.114
Fax: +356 214453666
Skype: robert.busuttil90

CONFIDENTIALITY NOTICE: This e-mail communication and any attachments may contain proprietary and privileged information for the use of the designated recipients named above. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.