Correlate

Level 9
A new threat actor is using email to impersonate government agencies in the United States, Germany, and Italy to deliver ransomware, backdoors, and banking Trojans through malicious attachments.
Since the end of October, Proofpoint researchers detected a new threat actor who has been impersonating the United States Postal Service, the German Federal Ministry of Finance, and the Italian Revenue Agency in malicious spam campaigns that deliver a variety of malware.
"Between October 16 and November 12, 2019, Proofpoint researchers observed the actor sending malicious email messages to organizations in Germany, Italy, and the United States, targeting no particular vertical but with recipients that were heavily weighted towards business and IT services, manufacturing, and healthcare," Proofpoint stated in a report published today.
 

Burrito

Level 21
Verified
Yeah, I got one of those from the "Postal Service."

I should have taken a screen shot and posted it here --- as it was really well done.

It was a little different than the one pictured in the article.

They used an email address that was pretty well disguised... and the content used offical USPS symbols and formats.
 

Correlate

Level 9
Yeah, I got one of those from the "Postal Service."

I should have taken a screen shot and posted it here --- as it was really well done.

It was a little different than the one pictured in the article.

They used an email address that was pretty well disguised... and the content used offical USPS symbols and formats.
Do you still keep a sample of it for the benefit of all?
- You seem witty since you managed to distinguish proper mail from fake.
 

Burrito

Level 21
Verified
Do you still keep a sample of it for the benefit of all?
- You seem witty since you managed to distinguish proper mail from fake.
I should have kept a copy of it. Since I got it at work, there is a protocol which includes rapid characterization and then deletion.

I didn't think about making a copy..

But I will next time.