Found and analysed by Group-IB Seen since late April Threat type – Malicious download – Loki PWS ‘Sender’ – Admin@biomed.com Key words: Biomed covid-19 kits RFQ, we would appreciate if you could kindly send us the best prices, test for COVID-19, Kim Anh Nguyen, Luong Bang Str, Vung Tau City.
Category Archives: Credential Stealer
Mike Pence, VP
Found and analysed by ImmuniWeb Seen since early April ‘Sender’ – ‘Mike Pence’ Threat type – Credential stealer Keywords: Mike Pence, The Vice President of united state, the security agency brought to my attention very important information,
RE: 2nd Payment // SKM Co.,Ltd.
Found and analysed by Group-IB Seen since late March Threat type – Malicious download – Loki PWS ‘Sender’ – SKM Korea Key words: RE: 2nd Payment // SKM Co.,Ltd, SKM Korea, rough time in Korea, My boss approved we make payment, Kate Lee, Overseas Business Operation
CORONAVIRUS (COVID-19) UPDATE
Found and analysed by Group-IB Seen since late March Threat type – Malicious download – Loki PWS ‘Sender’ – CDC Key words: CORONAVIRUS (COVID-19) UPDATE // BUSINESS CONTINUITY PLAN ANNOUCEMENT TARTING MARCH 2020, A MUST READ!!!, deadly Wuhan coronavirus, Dr Heung Jung
VPN configuration secured link
Found and analysed by Zscaler Seen since early April ‘Sender’ – ‘IT Support’ Threat type – Credential Stealer Keywords: VPN configuration secured link -2874, remote access vpn, new configuration vpn access, login with your email and password
(Virtual Lab) Stay-At-Home Connection
Found and analysed by Zscaler Seen since early April ‘Sender’ – ‘IT tech’ Threat type – Credential Stealer Keywords: IT Tech, (Virtual Lab) Stay-At-Home Connection – 9435, Testing our virtual lab machines, our requisition platform SAP/ Concur.
Kevin Taylor
Found and analysed by Zscaler Seen since early April ‘Sender’ – Undisclosed sender Threat type – Credential Stealer/ Nigerian Prince scam Keywords: Kevin Taylor, msf.org, Sales then share 40% the money to orphanage home while I (Kevin Taylor,) take 40% of the amount, avoid Oil company, he is top politician, kevintaylor@serviceadvisor.net
Coronavirus Tax Cut Doc
Found and analysed by Cyren Seen since late March ‘Sender’ – ‘Microsoft Messaging Centre’ Threat type – Malicious Download Keywords: Coronavirus (COVID-19) Tax Cut Doc, Important document from SharePoint regarding Trump’s coronavirus tax cut, Microsoft Messaging Centre
COVID-19 PAYMENT
Found and analysed by Google Seen since mid April ‘Sender’ – ‘Jane Miller’ Threat type – Malicious Download Keywords: COVID-19 PAYMENT, download the attached invoice for your review, invoice01 (2), thanks, Jane.
Covid-19 contact
Found and analysed by Securonix Seen since early April ‘Sender’ – Undisclosed sender Threat type – Malicious download Keywords: Covid-19 Contact, you recently came into contact with a colleague/ friend/ family, Taber AB, Ottawa Hospital General