Fake and Virus Email - Bill.com Invoice Has Been Paid
The Virus Email Message
Date: Tue, 09 Sep 2014 14:16:29 +0530
From: "The Bill.com Team" <notificationonlyGNAThq.bill.com>
To: "bade33aGNATsecuremecca.com" <bade33aGNATsecuremecca.com>
Subject: Bill.com Invoice has been paid
Attachment: bill-d59f78596bfa 79e01898cf9d0e645b9 9328028d597e900514 6787f09435a01016270d 6ffc5d69ec27901.zip
X-Originating-IP: 14.141.133 .162
Thank you for payment to Bill.com. The credit/debit card you have on file with us was successfully charged $312.89 for the billing period 08/01/14-09/01/14.
The Statement for this account is now available for viewing. Please find it attached to this email.
Have questions? Sign in at https://app.bill.com , then contact support.
The Bill.com Team
Please do not respond to this email. This e-mail was sent from a notification-only e-mail address.
The email attachment:
"bill-d59f78596bfa 79e01898cf9d0e645b9 9328028d597e900514 6787f09435a01016270d 6ffc5d69ec27901.zip"
contains the malicious file:
"BILL_ID_895634523 9452583458736457634 5987987643298576329 8563253245.pdf.exe", which contains a virus or Trojan horse.
If the malicious file is opened, it will infect the recipients' Microsoft Windows computers.
Once their computers have become infected with this malicious Trojan horse, the cybercriminals behind this email message will be able to access and take control of their computers remotely from anywhere around the world. They may spy on them, use their computers to commit cybercrimes, or steal their personal and financial information.
Now, if you have already downloaded a file from the malicious website, please do a full scan of your computer with the antivirus software installed on it.
If you don’t have antivirus software installed on your computer, please click here for a list of free antivirus software.
Click here for a list of email attachments you should never open, regardless of where they came from.
For a list of other virus email messages, please click here.
Check the comment section below for additional information, share what you know or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search
Click here help maintain Online Threat Alerts (OTA).
Note: Some of the information in samples on this website may have been impersonated or spoofed.
Comments, Questions, Answers, or Reviews
To protect your privacy, please do not post or remove sensitive information in or from your comments, questions, or reviews.
Write Your Comment, Question, Answer, or Review
NB: We will use your IP address to display your approximate location to other users.