AppRiver Blog

Malware Distributors Target Online Holiday Shoppers

As online holiday shopping gets into full swing, we are on the lookout for holiday-related threats that we should all be wary of.

It’s likely that FedEx alone will deliver hundreds of millions of packages between Black Friday and Christmas Day. And with so many people expecting packages to be delivered at this...

Locky Bringing the Malware Volume Back Up

Earlier this year, we had a lull in malware traffic for about three weeks after the Necurs botnet quite suddenly stopped sending out junk. History repeated itself on October 6th when we experienced another drop in malware traffic. Today, that dive in traffic might be over, ending this streak. The Locky malware has kicked...

Zepto Ransomware in .hta files

Ransomware is very popular these days, with many different variants constantly popping up. One of the more recent high-impact versions is known as Zepto. We see many different file types abused in these malware campaigns - things like macro-enabled Word documents, .js script files, .wsf Windows script files and so on. This...

Necurs Returning After a Short Vacation

Virus traffic has been huge so far in 2016. Mostly, this has been thanks to ransomware, and in particular, Locky distributed by the Necurs botnet. We've been seeing malware traffic counts in the tens of millions daily here for some time now. This, of course, has its ups and downs, but for the past three weeks it's been...

Malicious Macros in Fake Adobe Messages

Over the past six months we have seen an increase in the number of emails with malicious Word (.doc) attachments. These messages utilize the available functionality in a file type that is very familiar to basically every computer user. By using this technique the attacker can increase the chances that one of these messages...

Federal Reserve Malware Campaign

We have a large malware campaign going on at the moment claiming to be messages from the Federal Reserve saying restrictions are going in place on federal wire and ACH online transactions. It hopefully strikes most people that it would be pretty out of place to receive an email from the Federal Reserve. However, there may...

Spam - all day, every day

Spam has been around almost since the internet was first created. In fact, the first spam message was sent out through ARPANET, which is the predecessor to the internet we know now. If you have an email address, it’s very likely you get spam messages as well. Sending spam emails is a tactic that’s still around today because...

Amazon themed malware targets Crypto Currency

Over the past week we have been monitoring (and blocking) a stream of malicious emails attempting to pose as legitimate Amazon purchase confirmations. The messages simply state that your order has been confirmed and contain a small amount of detail. The user being targeted is directed to the attached .doc file for the...

Forged Best Buy Emails Distribute Malware

Fake Best Buy purchase confirmations attempting to spread malware have been circulating for the past week. These messages are simple. They appear with “Best Buy” in the [from] field and they inform the recipient that an order has been placed with Best Buy which needs to be confirmed for pick up. The recipient is then...

Campaigns Using Ebola To Grab Attention

Using current news events in spam and malware campaigns is nothing new. In fact, we see it with most major tragedies or events. This time around the topic is the Ebola virus. We've been seeing both spam and virus campaigns using Ebola as a topic to get the reader's attention, with one malware campaign even claiming to be...
