Pettuse tunnus on selle saatmine suurele nimekirjale ehk To: undisclosed-recipients:;
Kirja on kaasa pandud fail .ace formaadis. See on pakitud formaat, mis sobib Windows 8 operatsioonisüsteemiga. Kindlasti ei tohi selliseid faile avada, sest teine osapool saab olla ainult petis. Ta soovib saada kontrolli e-maili saaja arvuti üle, selle pärast saadetaksegi fail, millel klikkimine nakatab arvuti.
Viimasel ajal on palju juttu olnud ransomware ehk lunavara juhtumitest, kus ohvri arvutis olevad failid krüpteeritakse ja nende avamise eest nõutakse maksmist. Sellise tulemuse andis virustotal.com ka sellele kaasapandud failile:
SHA256: | 441d6eb8bab699b57a3dae75cb5efe89e9694001a9e7373e9fb101d14c0a2927 |
File name: | 3fa3cb20f987c92c423ccb0fffd72d92 |
Detection ratio: | 6 / 54 |
Analysis date: | 2017-02-27 03:40:49 UTC ( 3 päeva, 15 tundi ago ) |
.
File identification
VirusTotal metadata
File names | inv-order.ace 3fa3cb20f987c92c423ccb0fffd72d92 |
Received: from smtp01-smtp-4.daemonmail.net ([216.104.162.134]:38530)
by
—————————- Original Message —————————-
Subject: CONFIRM BANK ACCOUNT AND MAKE CORRECTION
From: rameshpkp@petronemirates.com
Date: Mon, February 27, 2017 6:32 am
To: undisclosed-recipients:;
————————————————————————–
Good day
Up till this moment we have not confirmed this invoice, why new
banking details does not bear your Company’s usual Bank details as
normal, should i remit to this account in this invoice?
Check the attached Invoice and confirm if it is the original. Please
let me know your decision right away.
Waiting your Quick Response.
Thanks & Best Regards!
Jaimu-ella Kumar(Mrs.)
Procurement & Ex-import Manager
Petronemirates Trading Company
Address
Petronemirates Trading Company
Stadhouderskade 55
1072 AB DUBAI
email: rameshpkp@petronemirates.com