a Malicious and Fake QuickHostUK Customer Invoice Email

a Malicious and Fake QuickHostUK Customer Invoice Email

Would you share this Article with others?

Cyber-criminals are sending out the fake QuickHostUK email message below with subject: "Customer Invoice," with a malicious Microsoft Word document attached (Invoice-302673.doc), disguised as an invoice. The malicious attachment contains a Macro, which is a set of instructions that is used in Microsoft Office to automate different tasks. If the malicious Microsoft Word attachment is opened and the recipients enable "Macro" or "Enable Content," the set of Macro instructions will attempt to download a Trojan horse from a remote computer server and infect the recipients’ computers.

The Trojan horse will then be used by the cyber-criminals to steal the infected computer users' banking, social media, PayPal and other credentials.The Trojan horse can also be used to steal the victims’ financial information and other sensitive information without their knowledge.

Please note that the Trojan horse will only infect computers running the Microsoft Windows operating system.users of the Mac, IPhone, IPad, Blackberry, Windows phone or Android phone are not affected.

Although the fake and malicious email message appears as if it was sent by QuickHostUK, it was not. The cyber-criminals responsible for the emails, spoofed the email message to make it appear as if came from QuickHostUK, to make it look legitimate. So, there is no need to contact QuickHostUK. Cyber-criminals spoofed email addresses to trick their victims into opening malicious attachments or clicking malicious links, thinking the fake email message was sent from a legitimate company.

Remember, never enable Macro or “Enable Content” for a Microsoft Word, Excel or other Microsoft Office documents, regardless of where the email message came from.

Macro Security Warning - Macros have been disabled

Macro was created to automate tasks in Microsoft Office, but cyber-criminals started abusing this useful tool over a decade ago, by using it to download and infect their victims’ computers with viruses, Trojan horse and other malware. That is why Microsoft decided to disable Macro by default and gave Microsoft Office users the option of enabling or disabling it.

The Fake and Malicious QuickHostUK Email Message

From: info@quickhostuk.com
Subject: Customer Invoice
Attachment: Invoice-302673.doc


Dear customer,

This is a notice that an invoice has been generated on 11/10/2015.
Your payment method is: Credit/Debit Card
Invoice #302673
Amount Due: £40.00GBP
Due Date: 18/10/2015

Invoice Items
Fully Managed Hosting - Starter (18/10/2015 - 17/11/2015) £40.00GBP

Sub Total: £40.00GBP
Credit: £0.00GBP
Total: £40.00GBP

Payment will be taken automatically on 18/10/2015 from your credit card on record with us.to update or change the credit card details we hold for your account please login at https://connect.quickhostuk.com/viewinvoice.php?id=302673 and click Pay Now then following the instructions on screen.

Kind Regards,
QuickHostUK Limited

Now, persons who were tricked into opening the malicious Microsoft Word document and enabling Macro or “Enable Content,” should do a full scan of their computers with the antivirus installed on them.

Note: Some of the names, addresses, email addresses, telephone numbers or other information in samples on this website may have been impersonated or spoofed.

Please share what you know or ask a question about this article by leaving a comment below. Check the comment section below for additional information, if there is any. Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com. And, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent. Also, to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts (OTA) by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews
(Total: 2)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews. Also, remember to keep comments, reviews, answers respectful.

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts (OTA).

  • October 15, 2015 at 3:52 PM by an anonymous user from: London, England, United Kingdom

    Does it do anything if I viewed it in browser? I didn't enable anything though.

    • October 15, 2015 at 4:01 PM by info

      Opening the email will not infect your computer. It is the attachment that will, and whether you open it in your browser or not, it will infect your computer.

 Show More Comments (2)
Write Your Comment, Question, Answer, or Review

Write your comment, question, answer, or review in the box below to share what you know or to get answers. NB: We will use your IP address to display your approximate location to other users.

Your comment, question, answer, or review will be posted as an anonymous user because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

a Malicious and Fake QuickHostUK Customer Invoice Email