{"id":3109,"date":"2019-04-06T19:34:21","date_gmt":"2019-04-06T19:34:21","guid":{"rendered":"http:\/\/www.syyhoaxanalyzer.com\/?p=3109"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T17:00:00","slug":"Watch-Out-For-\"Confirmation-Letter-Enclosed\";-Malware-Emails","status":"publish","type":"post","link":"https:\/\/www.syyhoaxanalyzer.com\/?p=3109","title":{"rendered":"Watch Out For &#8220;Confirmation Letter Enclosed&#8221;; Malware Emails"},"content":{"rendered":"<div>\n<p>Malicious emails that claim to have a confirmation letter enclosed are currently being distributed by online criminals.  \u00a0The emails have the subject line  \u00a0&#8220;uk_confirmation_ph&#8221; followed by a string of random numbers and a PDF file extension.<\/p>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HS Net Top Content Responsive --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"4870821038\"\n     data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><br \/>\nThe .pdf extension is apparently a way of tricking unwary recipients \u00a0into believing that the attached file is a harmless PDF.  \u00a0However, the attachment is actually a .zip file that, if opened, reveals a .exe \u00a0file. The .exe \u00a0file also has the name &#8220;uk_confirmation_ph (random numbers)&#8221;.<\/p>\n<p>If you click this .exe file, various types of <a href=\"https:\/\/myonlinesecurity.co.uk\/confirmation-letter-enclosed-please-see-attachment-malspam-delivers-malware\/\">malware may be installed<\/a> on your computer.<\/p>\n<p>Details, such as the subject and supposed \u00a0sender address may vary in different versions of the malware emails.<\/p>\n<p>If you receive one of these emails, do not open any attachments that it contains and do not click any links.<\/p>\n<p>&nbsp;<\/p>\n<div class=\"example\"><span style=\"color: #ff0000;\"><b>Example:<\/b><\/span><br \/>\n<strong>Subject: uk_confirmation_ph219801521.pdf<\/strong><\/p>\n<p>Confirmation letter enclosed. Please see attachment.<\/p>\n<\/div>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HSNet Article Center --><br \/>\n<ins class=\"adsbygoogle\" style=\"display: block;\" data-ad-client=\"ca-pub-0355887770822260\" data-ad-slot=\"5727909035\" data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<p><\/br><\/br> Original Source : <a href=\"https:\/\/www.hoax-slayer.net\/watch-out-for-confirmation-letter-enclosed-malware-emails\/\" target=\"_blank\">https:\/\/www.hoax-slayer.net\/watch-out-for-confirmation-letter-enclosed-malware-emails\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Malicious emails that claim to have a confirmation letter enclosed are currently being distributed by online criminals. \u00a0The emails have the subject line \u00a0&#8220;uk_confirmation_ph&#8221; followed by a string of random numbers and a PDF file extension. The .pdf extension is apparently a way of tricking unwary recipients \u00a0into believing that the attached file is a [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":6890,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3109","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hoax-inggris"],"_links":{"self":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/3109"}],"collection":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3109"}],"version-history":[{"count":0,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/3109\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/media\/6890"}],"wp:attachment":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3109"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3109"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3109"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}