{"id":236,"date":"2019-04-06T19:33:17","date_gmt":"2019-04-06T19:33:17","guid":{"rendered":"http:\/\/www.syyhoaxanalyzer.com\/?p=236"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T17:00:00","slug":"'General-Liability-&-Workers-Compensation-Insurance'-Email-Contains-Javascript-Malware","status":"publish","type":"post","link":"https:\/\/www.syyhoaxanalyzer.com\/?p=236","title":{"rendered":"&#8216;General Liability &#038; Workers Compensation Insurance&#8217; Email Contains Javascript Malware"},"content":{"rendered":"<div>\n<p><span style=\"color: #ff0000;\"><strong>Outline:<\/strong><\/span><br \/>\nEmail purporting to be from Pacific Pathways insurance brokers claims that an \u00a0attached file contains a \u00a0General Liability &amp; Workers Compensation insurance quote request packet.<\/p>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HS Net Top Content Responsive --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"4870821038\"\n     data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<p><span style=\"color: #ff0000;\"><strong>Brief Analysis:<\/strong><\/span><br \/>\nPacific Pathways is a real insurance company, but it did not send this email. The email&#8217;s .zip attachment contains a malicious JavaScript (.js) file that, if opened, can download and install malware.<\/p>\n<div class=\"example\"><span style=\"color: #ff0000;\"><b>Example:<\/b><\/span><br \/>\n<strong>Subject: General Liability &amp; Workers Compensation Insurance<\/strong>Good morning,I reached out a few months back with regards to your commercial insurance needs. I wanted to check in to see if now is a good time to quote any line of insurance?I have attached my quote request packet for your convenience. Please feel free to call with, email or fax the requested information and I will get right to work on your quotes.<\/p>\n<p>Workers compensation carriers require 4-5 years loss runs (IF APPLICABLE), if you can please forward those my way as well.<\/p>\n<p>Thank you,<br \/>\n[Name Removed]<\/p>\n<p><em>Attached File: PPI QUOTE REQUEST_55691413.zip<\/em><\/p>\n<\/div>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HSNet Article Center --><br \/>\n<ins class=\"adsbygoogle\" style=\"display: block;\" data-ad-client=\"ca-pub-0355887770822260\" data-ad-slot=\"5727909035\" data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<p><span style=\"color: #ff0000;\"><strong>Detailed Analysis:<\/strong><\/span><br \/>\nAccording to this email, which \u00a0claims to be from \u00a0Pacific Pathways insurance brokers and includes the company&#8217;s logo and contact details, you can read a &#8216;quote request packet&#8217; by opening an attached .zip file. The email has the subject line \u00a0General Liability &amp; Workers Compensation Insurance and claims that the sender &#8216;reached out a few months back with regards to your commercial insurance needs&#8217;.<\/p>\n<p>However, \u00a0Pacific Pathways did not send the email and the attached file does not contain \u00a0insurance \u00a0documents. Instead, the <a title=\"General Liability &amp; Workers Compensation Insurance pacificpathins.com \u00e2\u20ac\u201c JS malware\" href=\"https:\/\/myonlinesecurity.co.uk\/general-liability-workers-compensation-insurance-pacificpathins-com-js-malware\/\">attachment contains malware<\/a>.<\/p>\n<p>If you open the attached .zip file, you will find that it contains a JavaScript (.js) file. If you then click the .js file, the malicious JavaScript will contact a web \u00a0server \u00a0and then download and install malware on your computer. The intent of this malware may vary in different versions of the email.  \u00a0The malware may steal sensitive information such as banking passwords from your computer. Malicious JavaScript files are also currently being used to download and install Locky malware.<\/p>\n<p>This attack is aimed at businesses \u00a0in the hope that a busy or inexperienced staff member may open the attachment in the mistaken belief that it really contains a work-related insurance quote.<\/p>\n<p>Details, such as the name of the person who supposedly sent the email and the attachment name may vary in different versions of the message. If you receive one of these emails, do not open any attachments or click any links that it contains.<\/p>\n<p>Keep in mind that such malware campaigns often \u00a0use \u00a0the names and logos of genuine companies such as Pacific Pathways to \u00a0make \u00a0their claims seem more credible.  \u00a0The targeted companies are also victims of these criminals and are in no way responsible for malware attacks made in their names.<\/p>\n<p>\n<script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- Third Content Ad Responsive --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"1909104632\"\n     data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<div align=\"center\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HS Net Bottom AdLinks --><br \/>\n<ins class=\"adsbygoogle\" style=\"display: block;\" data-ad-client=\"ca-pub-0355887770822260\" data-ad-slot=\"1358951439\" data-ad-format=\"link\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/div>\n<p>\n<a href=\"http:\/\/hoax-slayer.net\/wp-content\/uploads\/2016\/03\/malware-bomb-1.jpg\" data-rel=\"penci-gallery-image-content\" ><img loading=\"lazy\" decoding=\"async\" data-attachment-id=\"867\" data-permalink=\"https:\/\/www.hoax-slayer.net\/funeral-account-recovery-malware\/malware-bomb-1\/\" data-orig-file=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2016\/03\/malware-bomb-1.jpg\" data-orig-size=\"800,720\" data-comments-opened=\"0\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"malware-bomb-1\" data-image-description=\"\" data-medium-file=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2016\/03\/malware-bomb-1-300x270.jpg\" data-large-file=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2016\/03\/malware-bomb-1.jpg\" class=\"aligncenter size-full wp-image-867\" src=\"https:\/\/hoax-slayer.net\/wp-content\/uploads\/2016\/03\/malware-bomb-1.jpg\" alt=\"Malware Bomb\" width=\"800\" height=\"720\" srcset=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2016\/03\/malware-bomb-1.jpg 800w, https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2016\/03\/malware-bomb-1-300x270.jpg 300w, https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2016\/03\/malware-bomb-1-768x691.jpg 768w, https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2016\/03\/malware-bomb-1-222x200.jpg 222w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/a><\/p>\n<p class=\"date\">Last updated: April 23, 2016<br \/>\nFirst published: April 23, 2016<br \/>\nBy Brett M. Christensen<br \/>\n<a class=\"foot\" href=\"http:\/\/www.hoax-slayer.com\/about.shtml\">About Hoax-Slayer<\/a><\/p>\n<p class=\"ref\">References<br \/>\n<a title=\"General Liability &amp; Workers Compensation Insurance pacificpathins.com \u00e2\u20ac\u201c JS malware\" href=\"https:\/\/myonlinesecurity.co.uk\/general-liability-workers-compensation-insurance-pacificpathins-com-js-malware\/\">General Liability &amp; Workers Compensation Insurance pacificpathins.com \u00e2\u20ac\u201c JS malware<\/a><br \/>\n<a title=\"Malware Threat Articles\" href=\"http:\/\/www.hoax-slayer.com\/malware-threat-articles.shtml\">Malware Threat Articles<\/a><\/p>\n<p>&nbsp;<\/p>\n<p><\/br><\/br> Original Source : <a href=\"https:\/\/www.hoax-slayer.net\/general-liability-workers-compensation-insurance-email-contains-javascript-malware\/\" target=\"_blank\">https:\/\/www.hoax-slayer.net\/general-liability-workers-compensation-insurance-email-contains-javascript-malware\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Outline: Email purporting to be from Pacific Pathways insurance brokers claims that an \u00a0attached file contains a \u00a0General Liability &amp; Workers Compensation insurance quote request packet. Brief Analysis: Pacific Pathways is a real insurance company, but it did not send this email. The email&#8217;s .zip attachment contains a malicious JavaScript (.js) file that, if opened, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":6890,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-236","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hoax-inggris"],"_links":{"self":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/236"}],"collection":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=236"}],"version-history":[{"count":0,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/236\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/media\/6890"}],"wp:attachment":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=236"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=236"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=236"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}