Online Threat Alerts (OTA)
An anti-cybercrime community alerting the public.

a Malicious and Fake QuickHostUK Customer Invoice Email

  • 2
  • 4,577
  • Oct. 13, 2015

Cyber-criminals are sending out the fake QuickHostUK email message below with subject: "Customer Invoice," with a malicious Microsoft Word document attached (Invoice-302673.doc), disguised as an invoice. The malicious attachment contains a Macro, which is a set of instructions that is used in Microsoft Office to automate different tasks. If the malicious Microsoft Word attachment is opened and the recipients enable "Macro" or "Enable Content," the set of Macro instructions will attempt to download a Trojan horse from a remote computer server and infect the recipients’ computers.

Advertisements

The Trojan horse will then be used by the cyber-criminals to steal the infected computer users' banking, social media, PayPal and other credentials.The Trojan horse can also be used to steal the victims’ financial information and other sensitive information without their knowledge.

Please note that the Trojan horse will only infect computers running the Microsoft Windows operating system.users of the Mac, IPhone, IPad, Blackberry, Windows phone or Android phone are not affected.

Although the fake and malicious email message appears as if it was sent by QuickHostUK, it was not. The cyber-criminals responsible for the emails, spoofed the email message to make it appear as if came from QuickHostUK, to make it look legitimate. So, there is no need to contact QuickHostUK. Cyber-criminals spoofed email addresses to trick their victims into opening malicious attachments or clicking malicious links, thinking the fake email message was sent from a legitimate company.

Remember, never enable Macro or “Enable Content” for a Microsoft Word, Excel or other Microsoft Office documents, regardless of where the email message came from.

Macro was created to automate tasks in Microsoft Office, but cyber-criminals started abusing this useful tool over a decade ago, by using it to download and infect their victims’ computers with viruses, Trojan horse and other malware. That is why Microsoft decided to disable Macro by default and gave Microsoft Office users the option of enabling or disabling it.

The Fake and Malicious QuickHostUK Email Message

From: info@quickhostuk.com
Subject: Customer Invoice
Attachment: Invoice-302673.doc

QuickHostUK

Dear customer,

This is a notice that an invoice has been generated on 11/10/2015.
Your payment method is: Credit/Debit Card
Invoice #302673
Amount Due: £40.00GBP
Due Date: 18/10/2015

Invoice Items
Fully Managed Hosting - Starter (18/10/2015 - 17/11/2015) £40.00GBP

Sub Total: £40.00GBP
Credit: £0.00GBP
Total: £40.00GBP

Payment will be taken automatically on 18/10/2015 from your credit card on record with us.to update or change the credit card details we hold for your account please login at https://connect.quickhostuk.com/viewinvoice.php?id=302673 and click Pay Now then following the instructions on screen.

Kind Regards,
QuickHostUK Limited

Now, persons who were tricked into opening the malicious Microsoft Word document and enabling Macro or “Enable Content,” should do a full scan of their computers with the antivirus installed on them.

Check the comment section for additional information, or share what you know or ask a question about this article, by clicking the 'View or Write Comment' button below.

Note: Some of the information in samples on this website may have been impersonated or spoofed.

Share this article with others.
Advertisements
Write / View Comments (2)
View on Online Threat Alerts (OTA)
Help Maintain Online Threat Alerts (OTA)
Copyright © 2012 - 2024 - Online Threat Alerts (OTA).