AppRiver Blog

Recent Posts by Troy Gill

Bank of America Themed Emails Attempting to Spread Trickbot

On Jan 31, we noticed a large malware push posing as Bank of America that attempted to dupe users into opening an attachment. Opening the attachment would launch an infection chain that ultimately would lead to malware infection.

Read More

WANTED: Your Office 365 Credentials

Here we go again - attackers are going "phishing" in search of user's Office 365 credentials. 

 In the past we have seen this sort of activity ramp up dramatically at many different points in time, and it is usually followed by a corresponding increase in attacks being launched from the compromised accounts.

Read More

Emailed Bomb Threats Demanding Bitcoin

This morning we noticed a disturbing email campaign attempting to scare recipients into making a large payment in exchange for human life.

Read More

Banking Trojan Takes Aim at UK Businesses

Just after 10 a.m. this morning UK businesses were targeted with an email campaign attempting to infect networks with the Trickbot Banking Trojan.

Utilizing a similar approach to what we have seen in the past, the messages were crafted to appear as legitimate “secure emails” from Lloyds Bank. This approach is one we...

Read More

'Ammyy Admin' RAT Leveraged in Massive Malware Campaign

Late yesterday, while most people were just settling back into their desk after lunch… a large botnet [Necurs] began pumping out a massive malware campaign targeting millions of businesses and individuals. After the dust had settled, we had quarantined just over 25 million of these email-based attacks. This campaign had...

Read More

Malware Campaign Targets Banking Institutions

 

Read More

HMRC-themed emails carry Trickbot infection

A cybercrime group is currently targeting businesses in the UK with malware-laden emails containing the banking Trojan known as Trickbot.

In the past years, several malware families have been seen heavily targeting the UK in attempts to spread banking Trojans looking to gain access to business and personal accounts.

Read More

Phony HSBC Emails Carry Spyware Infection

Today we are seeing a malware push from the Necurs botnet attempting to distribute a Spyware Trojan via the Hancitor downloader. The malicious email campaign is somewhat cleverly disguised as an encrypted email from HSBC Financial.

Read More

Attackers Leverage Stolen Email Credentials In Malware Attacks

Throughout 2017 we observed a major increase in phishing efforts, reaching peak levels over the summer, and this trend has continued to intensify in 2018. Much of this effort was expertly tailored to gather users’ login credentials to their preferred email provider. Ultimately attempting to compromise Office365, Gmail, ...

Read More

As Tax Season Looms, CPA Firms Targeted with Advanced Malware

As the 2018 tax season gets underway, we want to make sure everyone is aware of the many dangers we see surrounding this event each year.

In fact, curiosity and uncertainty surrounding recent tax law changes may leave many individuals more susceptible to falling victim to one of the many tax-themed attacks that we...

Read More