Threat Encyclopedia

Locky-bearing Spam Emails Arrive with HTML Attachments

Publish date: October 05, 2017

ANALYSIS BY

Cedrick Ramos


Ransomware-related spam emails usually use archived attachments to deliver the malware. However, this time, we've found the ransomware Locky to arrive via spam emails that contain HTML attachments. In the spoofed mail, the subject title indicates the mail to be an 'INVOICE' and tells the recipient in the body of the email to find the requested invoice as attached. The said HTML attachment has the filename of 'A_[Random Numbers].html', and is already detected as 'HTML_IFRAME.YYRU'.

Spammed messages such as this one typically have attachments in them that come with malware, thus users are advised to carefully check unsolicited mails before clicking on any links or attachments. Users receiving suspicious emails should always exercise caution to avoid being tricked to executing malware.
SPAM BLOCKING DATE / TIME: October 05, 2017 GMT-8
TMASE INFO

  • ENGINE:8.0
  • PATTERN:3372

Featured Stories

 

connect with us on

facebook youtube linkedin feed