Random subject SPAM - download .lnk files to malware
1 Feb 2017 - "... numerous versions of the emails, but they all basically function in the same way. The email has a link to a compromised site that pretends to be a doc, image or PDF file but in reality will download a .lnk file (Windows shortcut file) - these run PowerShell & contact another site to actually download the malware. These link files have a Base64-encoded section with the download link...
... other emails read and look like:
File name: confirm-purchase-ordernum-3TX0S8458483-JY.pdf
Detection ratio: 3/54
Analysis date: 2017-02-01
... different download locations, sometimes delivering exactly the same malware from all locations and sometimes slightly different malware versions from each one... All these malicious emails are either designed to steal your Passwords, Bank, PayPal or other financial details along with your email or FTP (web space) login credentials. Or they are Ransomware versions that encrypt your files and demand large sums of money to recover the files..."
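
For triage of a quarantined attachment, the following added example (not code from the quoted post or its author) pulls the download links out of a .lnk file without executing it, by scanning its ASCII and UTF-16LE strings and decoding any Base64 section. The quoted text does not say how the Base64 section is passed to PowerShell; the sample assumes `-EncodedCommand` with UTF-16LE text, and the sample bytes and the `example.invalid` URL are constructed.

```python
import base64
import re

LNK_MAGIC = b"\x4c\x00\x00\x00\x01\x14\x02\x00"  # HeaderSize 0x4C + start of LinkCLSID
B64_RUN = re.compile(r"[A-Za-z0-9+/]{24,}")
URL = re.compile(r"https?://[^\s'\"()<>]+", re.I)

def strings_from(data):
    """Yield printable strings stored as ASCII or UTF-16LE (shortcuts use both)."""
    for m in re.finditer(rb"[\x20-\x7e]{8,}", data):
        yield m.group().decode("ascii")
    for m in re.finditer(rb"(?:[\x20-\x7e]\x00){8,}", data):
        yield m.group().decode("utf-16-le")

def decode_b64(run):
    """Decode one Base64 run; yield text if it is readable UTF-16LE or UTF-8."""
    try:
        blob = base64.b64decode(run + "=" * (-len(run) % 4), validate=True)
    except ValueError:  # binascii.Error is a ValueError: not real Base64
        return
    for enc in ("utf-16-le", "utf-8"):  # assumption: -EncodedCommand text is UTF-16LE
        try:
            text = blob.decode(enc)
        except UnicodeDecodeError:
            continue
        if all(c.isprintable() or c in "\r\n\t" for c in text):
            yield text

def extract_urls(data):
    """Return sorted URLs found in the shortcut's strings or Base64 sections."""
    if not data.startswith(LNK_MAGIC):
        raise ValueError("not a Windows shortcut (bad header)")
    found = set()
    for s in strings_from(data):
        found.update(URL.findall(s))
        for run in B64_RUN.findall(s):
            for text in decode_b64(run):
                found.update(URL.findall(text))
    return sorted(found)

# Constructed sample, not a real shortcut: header magic, zero padding to the
# 76-byte header size, then a UTF-16LE argument string with a Base64 section.
_script = "$u='http://download.example.invalid/file.bin'"
_b64 = base64.b64encode(_script.encode("utf-16-le")).decode("ascii")
SAMPLE_LNK = (LNK_MAGIC.ljust(76, b"\x00")
              + f"powershell.exe -EncodedCommand {_b64}".encode("utf-16-le"))

if __name__ == "__main__":
    print(extract_urls(SAMPLE_LNK))
```

URLs recovered this way can be checked against proxy and DNS logs to see which hosts fetched the second stage.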