Spam/Phishing

From: william (WILLIAMA) 16 Sep 2016 11:34
To: ALL 1 of 3
For the last couple of months I've been getting similar spam/phishing emails at the rate of at least one or two a day. They're a couple of lines each with an attachment purporting to be the scan or ppt or docx etc. referred to in the text. They're all coming into an old sky.com address that I haven't used much for years. A couple of zip attachments had wsf scripts inside that came up clean when I scanned them with Malwarebytes and Defender. Not especially worried and obviously not going to run the scripts, but anybody else getting these? Couple of examples of the text below.


Good day william.angelo, Nelda asked you to file the office equipment receipts.
Here is the photocopying equipment receipts purchased last week.
 
Please send him the complete file as soon as you finish.
 
Best regards,
Jenny Alvarez


Please find attached the invoice(s) raised on your account today. If you have more than one invoice they will all be in the single attachment above.
 
If you have any queries please do not hesitate to contact the Credit Controller who deals with your account.
Alternatively if you do not know the name of the Credit Controller you can contact us at:
 
CreditControl@sky.com
 
Please do not reply to this E-mail as this is a forwarding address only.

Edit: Ah, a bit more poking around on t'web suggests that these are possibly Locky ransomware (or a downloader for it) which apparently is being distributed as wsf files whereas previously they were using Word Macros and similar. Explains why I'm getting zip files now whereas a few weeks ago they were mainly docx.

 
EDITED: 16 Sep 2016 11:40 by WILLIAMA
From: CHYRON (DSMITHHFX) 16 Sep 2016 13:22
To: william (WILLIAMA) 2 of 3
I get tons* of these from (alleged) delivery companies, banks, bill collectors, lawyers &ct. I never open them (and I don't really know what's in the attachments, but assume it can't be good), and I don't get email on Windows so not too worried.

On a related note, after I finally installed Resident Evil Revelations 2 last week (which I bought on steam several months ago in a RE bundle), xp was booting into a blank screen, task manager showed a couple of acronis true image processes that I was unable to kill until I disabled them in services. Some dodgy-looking security web site "plumbytes" flagged acronis as malware.

Ultimately though I had to reinstall sp3 for a complete fix. So I dunno if RER2 nuked something or had malware onboard. I had only installed the free acronis wd edition to format a new drive many months ago and didn't realize it would be running services. Apparently it can be very difficult to completely remove. Anyway xp is running a lot snappier without.



*well, half-dozen daily sometimes more
EDITED: 16 Sep 2016 13:40 by DSMITHHFX
From: ANT_THOMAS 16 Sep 2016 13:25
To: william (WILLIAMA) 3 of 3
Yeah the script attachments seem to be getting more and more frequent, especially for the ransomware fuckers.