This morning we began seeing an influx of emails attempting to dupe users into downloading and opening a malicious office document. The messages are made to look like an alert from the popular remote access and password management provider LogMeIn. They state that your payment method has been declined and offers a link to “download the bill directly”.

Here’s a look at the message and subsequent file download:

logmein-scam

logmeinjpg

The file is actually a macro-enabled .doc file that contains the ever-growing banking malware known as “VawTrack” or “NeverQuest”. While most of the macro malware we have seen lately contains ransomware such as Locky, this one is a different sort of evil. This particular malware has been in circulation for a few years now but has continued to evolve with both the way it infects as well as functionality within the code. In this case it appears to use the Pony executable within the document. Once the infection has gained a foothold, it then calls home and pulls down the VawTrack infection.  This malware quickly goes to work collecting and infiltrating data via HTTP that is disguised to look like legitimate traffic.

In the past few hours we have seen tens of thousands of these messages hitting our filters, though this only represents a small percentage of the total traffic associated with this particular campaign. This is just the latest in the ongoing attacks from this malware family that we have been monitoring.

Part 2 of 3: New Mail Features in iOS 10 include Draft Folder Synchronization, HTML Signatures, and Updated Settings Menu

 

iOS 10 Introduces Draft Folder Synchronization in Mail app

We have all begun typing an email and become sidetracked or refocused at some point in our professional or personal lives, leaving the email in a Drafts folder in Outlook to be completed later. How convenient would it be to open that message on a smartphone or tablet, edit and complete the message, and tap send? While this might seem a commonsense approach, the capability to sync draft messages between devices has been notably absent from most popular mobile email client applications.

Microsoft previously announced Draft Folder synchronization would be available for the first time with ActiveSync protocol version 16. ActiveSync is the protocol that allows mobile devices to synchronize email and other data with an Exchange mailbox. This version of ActiveSync is supported for the latest Exchange platform – Exchange 2016 and Exchange Online – which are available with AppRiver’s Secure Hosted Exchange or Office 365 Plus.

Despite the availability of the protocol, synchronization of the Draft folder with Exchange was very limited several months later as applications needed to be updated by their respective developers in order to include the new features. Mail in iOS 9 officially supports ActiveSync version 16, however it does not support Draft Folder synchronization. Apple confirmed this in a support article.

After downloading the iOS 10 software update we tested draft folder synchronization between Outlook for Windows, OWA (Outlook Web App), and Apple’s Mail app. Draft folder synchronization was successful both to and from the server. Not only does this allow editing and completing a drafted email from mobile, but also means you can now compose a draft in Mail and complete it on a laptop or desktop later.

To save drafts and sync them between your devices simply compose a new email message (however much you write), cancel sending the message, and tap Save Draft. The message will be stored in the Drafts folder within the Exchange mailbox.

 

image1

 

The draft will sync to the Exchange mailbox, and you can open it in the Drafts folder from Outlook, and edit the message before sending it.

draft-synced-from-iphone-to-outlook

 

 

Tech Tip:

Exchange accounts added after the update to iOS 10 should save drafts to the server by default, however the new feature was not enabled automatically for one of our test accounts that was configured prior to the update. That account maintained the “Save on my iPhone” setting from prior to the update.

To make sure Mail is saving drafts to the Drafts folder that syncs with the Exchange server take the following steps:

1. From the Home screen tap Settings.

image2

 

2. Tap Mail.

image3

 

3. Tap Accounts.

* If you do not Accounts this indicates only one account is configured. Proceed to the following step.

image4

 

4. Tap the Exchange account to update.

image5

 

5. Tap the email address next to Account.

image6

 

6. Tap Advanced Settings.

image7

 

7. Tap the dial next to Store Drafts on Server to slide it to the right.

* When the feature is enabled the dial is green as demonstrated in the image below.

image8

 

Draft messages created prior to the past seven days were not displayed in Mail, however, this is a result of the default Mail Days to Keep setting which determines the duration of email stored locally in Mail. The setting can be modified in the Exchange account settings to download and store all email from the server, but this will utilize more device storage as well as data usage. The default setting of “1 week” will allow access to messages stored on the server by searching from within the Mail app.

 

Continue to part 3: HTML Email Signatures in iOS 10

 

 

About the Author: Aaron Cohoon is a Mobile Solutions Administrator for AppRiver, a leading hosted Exchange e-mail security provider. Aaron has a significant Technical Support background in the telecommunications industry, accompanied with an immeasurable drive and dedication.

With the September 13, 2016 of iOS 10 and subsequent updates – up to iOS 10.1.1 – the latest software is available and in use for many iPhone, iPad, and iPad users. If you don’t already have the latest update you can check here to determine if your mobile device is compatible. You can also check for the software update from your device by tapping Settings then General, followed by Software Update.

We dove into the aspects of Apple’s iOS 10 that would inevitably come into play for those of us that use AppRiver’s Secure Hosted Exchange or Office 365 Plus, along with others who rely on Exchange to deliver email, contacts, calendar, notes, and tasks daily to stay connected and productive. Technology news outlets such as iMore have extensively discussed new features in Mail including Filter, Conversation Thread, and Unsubscribe in detail so we will focus on three changes that have received little media attention to this date.

1. Updated Settings Menu in iOS 10

2. iOS 10 Introduces Draft Folder Synchronization in Mail

3. HTML Email Signatures in iOS 10

 

Part 1 of 3: Updated Settings Menu in iOS 10

Mail, Contacts, Calendars, Notes, and Reminders (tasks) are now separated into independent settings menus within the system Settings app. It is no longer necessary to scroll through a huge menu to navigate the respective settings of these services.

 

ios-10-updated-settings-menu-image1

 

Here are some samples of what to expect when navigating the new Settings menus for Mail, Contacts, Calendar, Notes, and Reminders:

Mail

ios-10-updated-settings-menu-image2

 

Mail (continued)

ios-10-updated-settings-menu-image3

 

The only disadvantage to this we have observed is a potential need to tap on each respective menu to modify the Default Account setting. This setting determines to which account a new email, contact, calendar, or other item will be added when creating it from the mobile device. If you want new contacts to sync with your corporate Exchange email account you will likely need to change the default account setting from iCloud or “on my iPhone”.

 

Contacts

ios-10-updated-settings-menu-image4

 

Calendar

ios-10-updated-settings-menu-image5

 

Accounts are accessible in each respective settings menu. This serves as a short cut to Accounts that sync the respective service whether it is Mail, Contacts, Calendar, Reminders, or Notes. The Exchange (or other account type) only needs to be configured in Mail to show up under the other settings menus if synchronization is enabled for each service when the account is added.

 

Notes

ios-10-updated-settings-menu-image6

 

Reminders

ios-10-updated-settings-menu-image7

 

Continue to part 2:

iOS 10 Introduces Draft Folder Synchronization in Mail

 

 

 

About the Author: Aaron Cohoon is a Mobile Solutions Administrator for AppRiver, a leading hosted Exchange e-mail security provider. Aaron has a significant Technical Support background in the telecommunications industry, accompanied with an immeasurable drive and dedication.

Since 2010, AppRiver’s security research team has noticed a spike in spam and malware traffic the Tuesday and Wednesday before Thanksgiving–often in the tens of millions. The messages, such as the ones below, are almost always related to the holiday season, trying to trick consumers into opening their “enticing offers” on the latest Christmas deals and steals.

christmas-spamchristmas-spam-2

However, instead of signing up for a Christmas tree delivery or sending a cute gift from Santa, the Grinch is actually out to steal Christmas. According to Jonathan French, a security analyst at AppRiver, “Sometimes, cybercriminals look to get personal information and credit card information that they can exploit. Other times, it’s spammers using photos of legitimate products/services to trick users in to going to a fake website, that either is infected for malware or is phishing for those credit card numbers.”

So why the spike the Wednesday before Thanksgiving? Email traffic is already on the rise with Black Friday and Cyber Monday deals, so it only makes sense that cybercriminals follow suit and try to imitate these legitimate emails. French adds, “The cybercriminals aren’t trying to stump consumers with Christmas spam and malware in July. They’re sending these messages at a time when every store in America is also sending holiday discounts to their customers. That makes it a lot harder for consumers to weed out the good emails from the bad.”

It’s not impossible, however. French offers these tips to consumers:

  1. If the message sounds too good to be true, or if it looks fake, it probably is. Just junk it. Or if you’re an AppRiver customer, send it to spam@appriver.com.
  2. A consumer should ask herself if she’s ever received an email from that particular store before. If she’s never signed up for an email list or shopped there, she should be wary of how it got into her inbox.
  3. A common email campaign we see this time of year involves “shipping confirmations” from UPS, FedEx, and USPS that must be opened via a .zip attachment. DO NOT OPEN THIS ATTACHMENT. Big postal and package delivery services will never send you a shipping confirmation in a .zip attachment. They will send it in the body of an email, or ask you to login to your account to view it.
  4. Toggle over all of the URL links within the email. If Amazon sends you a Black Friday sale alert and there’s a link to a gadget, take two seconds to hold your mouse over the link before clicking. If it shows amazon.com or smile.amazon.com, feel free to click on it. If it shows akljfaasedaf.com, Amazon didn’t send you that email. Don’t click on it.
  5. Use good judgement. It can be easy to get wrapped up in all of the merriment and excitement of Christmas shopping. Don’t let that put blinders on you when you’re being prompted to enter your credit card number or open email attachments from an email prompt.