Thormailer.com used to Send subcard@uk-ie.subwaysubcard.eu Scam Emails

Advertisement

The fake and malicious subway subcard emails like the one below that appears to have been sent from subcard@uk-ie.subwaysubcard.eu, is actually sent by Thormailer.com from CREATESEND.COM. Thormailer.com / CREATESEND.COM is a email newsletter software, so it appears it being abused by online scammers.

Thormailer.com used to Send subcard uk-ie.subwaysubcard.eu Scam Emails
Advertisement

The subcard@uk-ie.subwaysubcard.eu Scam Email

The subcard@uk-ie.subwaysubcard.eu Scam Email

The link in the fake email goes to a malicious website that asks visitors to download a malicious Microsoft Office Excel document that will infect their computers with viruses and other malware.

The malicious Microsoft Office Excel document contains a password to prevent anti-virus software and anti-malware from detecting the Macro virus or malware in it. But, the malicious document cannot do anything unless the person who downloaded it "Enable Editing" and "Enable Content" from the yellow bar. This is is why it is important that online users never open password-protected Microsoft Office documents, "Enable Editing" and "Enable Content".

The Malicious Microsoft Office Excel Document

subcard@uk-ie.subwaysubcard.eu Malicious Office Excel Document

Online users who have already opened the malicious document, "Enable Editing" and "Enable Content" are asked to scan their computers with the antivirus software installed on them to remove malware that may have been installed by the malicious Office Excel document.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.
Would you share this article with others?  +

DonateHelp maintain Online Threat Alerts (OTA).

Comments, Questions, Answers, or Reviews

Comments (Total: 1)

To protect your privacy, please do not post or remove sensitive information in or from your comments, questions, or reviews. NB: We will use your IP address to display your approximate location to other users. That location is not enough to find you.

Your comment, answer, or review will be set as anonymous because you are not signed in. An anonymous comment, answer, or review cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts (OTA).

  • December 15, 2020 at 11:04 AM by an anonymous user from: Seacroft, Leeds, England, United Kingdom

    I received this email on my iPhone. I clicked on the link it appeared just as shown above but it didn't display as an Excel document. Consequently it didn't display the yellow bar with 'Enable Content'. So I didn't click on anything else just screen shotted it and deleted the email. 3 days later someone apparently using our Paypal account (according to the bank) made two online purchases amounting to about £200. Is it possible that this is due to this link although I didn't knowingly enable it? I have reset my iPhone but couldn't find a back up dated prior to this phishing attack. What can I do to protect my iPhone? We have already cancelled all cards and blocked our online banking services but it is the iPhones security I am concerned about, moving forward. Please can someone advise me on the best course of action

    Thanks Richard

Comments Show More Comments (0)

Write Your Comment, Question, Answer, or Review

Recommendation / Advertisement
Thormailer.com used to Send subcard@uk-ie.subwaysubcard.eu Scam Emails