{"id":375,"date":"2019-04-06T19:33:19","date_gmt":"2019-04-06T19:33:19","guid":{"rendered":"http:\/\/www.syyhoaxanalyzer.com\/?p=375"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T17:00:00","slug":"'Website-Customer-Invoice'-Malware-Email","status":"publish","type":"post","link":"https:\/\/www.syyhoaxanalyzer.com\/?p=375","title":{"rendered":"&#8216;Website Customer Invoice&#8217; Malware Email"},"content":{"rendered":"<div>\n<p>Keep in eye out for a malicious \u00a0email that supposedly contains \u00a0a website customer invoice.  \u00a0The email, which has the subject &#8220;INVOICE [random numbers] \u00a0Website customer&#8221;, claims that you can click a link to access the invoice in Microsoft \u00a0Word (doc) format. <\/p>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HS Net Top Content Responsive --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"4870821038\"\n     data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<p>To make the email seem a little more professional, it includes a confidentiality \u00a0clause like those that often appear in genuine business \u00a0messages.<\/p>\n<h2>Email Does Not Contain an Invoice &#8211; Links to JavaScript Malware<\/h2>\n<p>However, the email is not a genuine invoice notification.  \u00a0Clicking the link downloads a malicious \u00a0JavaScript file that, \u00a0if opened, can download and install further malware.<\/p>\n<p>JavaScript malware is often used to install ransomware. Once installed, ransomware can lock all of your computer&#8217;s files and then demand that you pay a fee to online criminals to receive a decryption key.<\/p>\n<p>Malicious JavaScript is also used to install malware that can steal banking login credentials and other personal information from the infected computer.<\/p>\n<p>The malware email does not specify what product the invoice is supposedly for or what company supposedly sent it. This vagueness is a deliberate ploy to trick people into clicking \u00a0out of curiosity or concern. <\/p>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HSNet Article Center --><br \/>\n<ins class=\"adsbygoogle\" style=\"display: block;\" data-ad-client=\"ca-pub-0355887770822260\" data-ad-slot=\"5727909035\" data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<h3>An example of the malware email:<\/h3>\n<blockquote>\n<p><strong>Subject: INVOICE # 680102-59544 Website customer<\/strong><\/p>\n<p>Your report is attached in DOC format.<br \/>\nAttachments: \u00a0http:\/\/{link removed]17-20-07\/Invoice-4308023-5051\/Website customer<\/p>\n<p>Thank you for your time and consideration, have a pleasant day.<br \/>\n________________________________<br \/>\nThis e-mail including any attachments is confidential, may be legally privileged and is designated exclusively for the intended recipient. Access by any other person is not authorised. Any disclosure of this e-mail or of names of persons mentioned therein as well as any storing, copying, distribution and dissemination is strictly prohibited.<\/p>\n<p>If you are not the intended recipient, please immediately delete this e-mail and notify the sender by phone or by e-mail.<\/p>\n<\/blockquote>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- Third Content Ad Responsive --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"1909104632\"\n     data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<div align=\"center\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HS Net Bottom AdLinks --><br \/>\n<ins class=\"adsbygoogle\" style=\"display: block;\" data-ad-client=\"ca-pub-0355887770822260\" data-ad-slot=\"1358951439\" data-ad-format=\"link\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/div>\n<p><\/br><\/br> Original Source : <a href=\"https:\/\/www.hoax-slayer.net\/7994-2\/\" target=\"_blank\">https:\/\/www.hoax-slayer.net\/7994-2\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Keep in eye out for a malicious \u00a0email that supposedly contains \u00a0a website customer invoice. \u00a0The email, which has the subject &#8220;INVOICE [random numbers] \u00a0Website customer&#8221;, claims that you can click a link to access the invoice in Microsoft \u00a0Word (doc) format. To make the email seem a little more professional, it includes a confidentiality [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":6890,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-375","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hoax-inggris"],"_links":{"self":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/375"}],"collection":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=375"}],"version-history":[{"count":0,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/375\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/media\/6890"}],"wp:attachment":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=375"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=375"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=375"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}