a Malicious and Fake QuickHostUK Customer Invoice Email

a Malicious and Fake QuickHostUK Customer Invoice Email

Cyber-criminals are sending out the fake QuickHostUK email message below with subject: "Customer Invoice," with a malicious Microsoft Word document attached (Invoice-302673.doc), disguised as an invoice. The malicious attachment contains a Macro, which is a set of instructions that is used in Microsoft Office to automate different tasks. If the malicious Microsoft Word attachment is opened and the recipients enable "Macro" or "Enable Content," the set of Macro instructions will attempt to download a Trojan horse from a remote computer server and infect the recipients’ computers.

The Trojan horse will then be used by the cyber-criminals to steal the infected computer users' banking, social media, PayPal and other credentials.The Trojan horse can also be used to steal the victims’ financial information and other sensitive information without their knowledge.

Please note that the Trojan horse will only infect computers running the Microsoft Windows operating system.users of the Mac, IPhone, IPad, Blackberry, Windows phone or Android phone are not affected.

Although the fake and malicious email message appears as if it was sent by QuickHostUK, it was not. The cyber-criminals responsible for the emails, spoofed the email message to make it appear as if came from QuickHostUK, to make it look legitimate. So, there is no need to contact QuickHostUK. Cyber-criminals spoofed email addresses to trick their victims into opening malicious attachments or clicking malicious links, thinking the fake email message was sent from a legitimate company.

Remember, never enable Macro or “Enable Content” for a Microsoft Word, Excel or other Microsoft Office documents, regardless of where the email message came from.

Macro Security Warning - Macros have been disabled

Macro was created to automate tasks in Microsoft Office, but cyber-criminals started abusing this useful tool over a decade ago, by using it to download and infect their victims’ computers with viruses, Trojan horse and other malware. That is why Microsoft decided to disable Macro by default and gave Microsoft Office users the option of enabling or disabling it.

The Fake and Malicious QuickHostUK Email Message

From: info@quickhostuk.com
Subject: Customer Invoice
Attachment: Invoice-302673.doc


Dear customer,

This is a notice that an invoice has been generated on 11/10/2015.
Your payment method is: Credit/Debit Card
Invoice #302673
Amount Due: £40.00GBP
Due Date: 18/10/2015

Invoice Items
Fully Managed Hosting - Starter (18/10/2015 - 17/11/2015) £40.00GBP

Sub Total: £40.00GBP
Credit: £0.00GBP
Total: £40.00GBP

Payment will be taken automatically on 18/10/2015 from your credit card on record with us.to update or change the credit card details we hold for your account please login at https://connect.quickhostuk.com/viewinvoice.php?id=302673 and click Pay Now then following the instructions on screen.

Kind Regards,
QuickHostUK Limited

Now, persons who were tricked into opening the malicious Microsoft Word document and enabling Macro or “Enable Content,” should do a full scan of their computers with the antivirus installed on them.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.

Was this article helpful?  +
Share this with others:
Comments, Questions, Answers, or Reviews
Comments (Total: 2)

To protect your privacy, please remove sensitive or identifiable information from your comments, questions, or reviews. We will use your IP address to display your approximate location to other users when you make a post. That location is not enough to find you.

Your post will be set as anonymous because you are not signed in. An anonymous post cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts (OTA).

  • October 15, 2015 at 3:52 PM by an anonymous user from: London, England, United Kingdom

    Does it do anything if I viewed it in browser? I didn't enable anything though.

    • October 15, 2015 at 4:01 PM by info

      Opening the email will not infect your computer. It is the attachment that will, and whether you open it in your browser or not, it will infect your computer.

Comments Show More Comments (1)

Write Your Comment, Question, Answer, or Review

a Malicious and Fake QuickHostUK Customer Invoice Email