AppRiver Blog

Recent Posts by David Pickett

Sextortion vs Bombtortion Hoaxes

Sextortion vs Bombtortion

Yesterday, December 13th, bomb threat hoaxes via email sparked law enforcement agencies all over the world into chasing down non-existent devices. Many researchers and media outlets were quick in observing the similarity the bomb threats shared with sextortion campaigns. While the sextortion...

Read More

New Sextortion Campaign - Caught you cheating!

Today's Sextortion Message - Caught Cheating

Read More

SPISHING Attacks: Phishing Emails That Talk

A New Twist

As a company who protects 60,000+ businesses worldwide, AppRiver's Security Team has no shortage of phishing emails to continuously defend against. While analyzing samples for new techniques and tactics we ran across one that was a familiar phishing scam with a surprising, but amusing twist.

Read More

THREAT ALERT: Cybercrooks Abusing Microsoft Azure Storage Custom Domain Name Feature

THREAT ALERT: Cybercrooks Abusing Azure Custom Domain Name Feature

Read More

TrickBot Campaign Spoofs Dun & Bradstreet

Trickbot Spoofs Dun & Bradstreet

On Wednesday, Sept. 4, in just under an hour's time AppRiver's SecureTide malware engine stopped 103,791 malicious Word documents destined to clients. The campaign was designed to drop the Trickbot Trojan onto an unsuspecting users system. This particular attack spoofed the data and...

Read More

BEC Attacks Evolving - Phishing via XPS Files

We've seen it time after time, malicious actors routinely attempt to confuse recipients of messages with obscure or lesser-utilized file extensions.

Over the past month, some phishing attempts using xps files instead of the typical pdf or doc/docx formats have been captured by our filters.  The xps file format is...

Read More

Office 365 Business Email Compromise Attacks Proliferate

Office 365 Business Email Compromise Attacks

The Office 365 (O365) platform has experienced tremendous growth and there is no sign of that trend slowing.  More businesses than ever reside with - or plan to migrate accounts to - the expanding Microsoft Business or Enterprise services. Scammers have taken notice and have...

Read More

Warning! Trojan Droppers Exploiting Symbolic Link (.SLK) Files

Trojan Droppers Exploiting Symbolic Link Files

Malicious actors routinely attempt to confuse recipients of messages with obscure file extensions to load malicious files on the victims machine.

For most users the .slk file is recognized in Microsoft Office software as an Excel file. However, as detailed here, it also is...

Read More

Necurs Botnet Launching Massive Ransomware Attacks

****Update: 12/29/2017 9 A.M.****

Necurs botnet operators continue to show unpredictability. Following the afternoon blog update yesterday they turned up the volume.  It ended up being our highest volume day of the year originating from the massive botnet.  We blocked 49,784,485 million ransomware messages destined to...

Read More

Assassination Threats Demand Bitcoin Ransom

Assassination Threats Demand Bitcoin Ransom

Processing more than a billion messages a month we tend to see the good, bad, and ugly emails of the internet. It's pretty rare a message will raise our eyebrows or fall into a "disturbing" category, especially for our team that sees the whole range of the underworld daily.

Read More