Scam Got a Scam/Spam or Phish in my junk or normal mail box (Mega Thread)

D

Deleted Member 3a5v73x

Haven't got any nice attachment in my main inbox lately, however I do receive quite a nice amount of questionable links which may lead to those. By the time I try them links are already dead. :D

outlook1.PNG
 
  • Like
Reactions: BryanB, brambedkar59 and Eddie Morra
E

Eddie Morra

stepseven84 said:
Maybe the macromalware is just a dropper and once executed, it can download the malicious executable that would have a higher ratio on VT.
Click to expand...
That would be a logical explanation.

Most of the time, malicious Office VBA Macro's will simply act as an entry to gain code execution on the machine before deploying file-less script attacks or dropping another loader on the environment. Following this, the real payload normally comes into play.
 
  • Like
Reactions: BryanB, ChemicalB and brambedkar59
E

Eddie Morra

I can try and investigate the attachment for you if you'd like and provide some malware analysis insight. I'm a bit bored these days, it'll spice things up.

Send me the attachment download in a PM - if you don't have it, I'll use the VT link and see if I can find the sample myself.
 
  • Like
Reactions: BryanB, brambedkar59 and Moonhorse
F

ForgottenSeer 69673

Eddie Morra said:
I can try and investigate the attachment for you if you'd like and provide some malware analysis insight. I'm a bit bored these days, it'll spice things up.

Send me the attachment download in a PM - if you don't have it, I'll use the VT link and see if I can find the sample myself.
Click to expand...
You changed your nickname again? This one is easier to pronounce. The sample is still in my inbox.
 
  • Like
Reactions: BryanB, brambedkar59 and Eddie Morra
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
21,581
No PayPal account, so this never gets old.

Link: Complete IP Address Details for 202.194.159.244


Full of errors. Can you spot them?
We found your account has been logged with difference devices and locations, we suspect that the party is not responsible've entered your account without you knowing.
[..]
Your account has been limited because we find suspicious activity very fatal. Reviews Please immediately log into your account and fill out all the data we provide to recover your account.
Click to expand...

1597339658373.png
 
  • Like
Reactions: oldschool, Gandalf_The_Grey and harlan4096
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
21,581
Redacted email address for privacy.
URL shortening service removed offending link.
Message Αlert for: [REDACTED]

Your mailbοx may not be functiοning prοperly due to an autοmatic syncing errοr on your email server. This may cause some messages not deliνered to your inbοx, or wrοngly sent to your Junk Εmail fοlder.

To fix this errοr, please take a minute to cοmplete the οne-step manual update of your mailbοx serνer.


UΡDΑTE ΝΟW < [REDACTED URL]>



You will be redirected to your mailbοx to continue with your wοrk, once you have sucessfully cοmpleted the update.


Μicrοsοft Οffice365 Suppοrt
Ρriνacy | Legal Νotices
________________________________


Οffice365 ΑccID : [REDACTED]

This is a system nοtificatiοn. Please DO ΝOT reply as it would not be read.
Click to expand...
 
  • Like
Reactions: oldschool
JB007

JB007

Level 25
Verified
Top Poster
Well-known
May 19, 2016
1,497
Hello,
Over the past few months I have received more and more spam and in recent weeks I received more spam than emails !
It had become unbearable and I was considering changing my email addresses !🤬
But in the last 4 days I only received 2 spams !
Obviously I am very happy but I would like to understand what happened while hoping that the rain of spam does not start again :unsure:
 
  • Like
  • Applause
Reactions: Nevi, Dave Russo and BryanB
D

Dave Russo

Level 18
Verified
Top Poster
May 26, 2014
890
I also was bombarded with spam (I have Yahoo Mail) And was suspicious they were pushing their 60 dollar a year upgrade, which I want no part of right now, kept sending to spam and also blocked sender and maybe it finally worked?? Anyway, Did you do anything differant?
 
  • Like
Reactions: Nevi and JB007
N

ng4ever

Level 16
Verified
Feb 11, 2016
753
I know if I have to ask it probably is.


AT&T High Speed Internet

Important Message from AT&T

Your account needs immediate attention. Residential customers can log in with your myAT&T user ID and password to be back to browsing the internet as quickly as possible. If you are not registered with myAT&T and a Residential customer, please us at 1-800-286-2020. All Small Business customers must call us at 1-800-321-2000.

To ensure that you reach the right department, it is important that you provide your billing telephone number when prompted.
 
  • Like
Reactions: Dave Russo, show-Zi, BryanB and 1 other person

Similar threads

Bot
    • Like
Easy money pandemic: Welfare as bait
Replies
1
Views
1,471
Kaspersky
plat
plat
Bot
    • Like
  • Locked
Links in phishing-like emails lead to tech support scam
Replies
1
Views
2,350
Microsoft Defender
ispx
ispx
Exterminator
    • Like
Security News IRS warns on ever-changing “dangerous W-2 phishing scam”
Replies
1
Views
1,533
News Archive
_CyberGhosT_
_CyberGhosT_

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top