The bait this time is the unexpected closure of the account and some pending messages. With the excuse of fixing the error, threat actors try to steal the credentials.
Technical analysis by the Malware Hunter JAMESWT
The Dridex malspam campaign associated with couriers is back. The fake DHL email contains an .xlsm attachment which, when opened, contacts a random link from a list within it. This downloads a DLL that infects the PC with malware.
Dridex is hiding behind a fake DHL invoice, which cybercriminals are distributing in a global malspam campaign. The email contains an .xlsm attachment which, if opened, contacts a malicious link chosen randomly from a list within it. This downloads a DLL that infects the computer with malware. Dridex is a very dangerous banking Trojan used by cybercriminals, and it has long been the protagonist of campaigns all over the world. The targets are mainly companies, but not only. The texts in both cases are written in correct English, although there are no logos or visual references related to the shippers used as a decoy.