Monthly Archives: May 2015

Another round of word macro virus e-mails

This time sent to a lot of leaked logmein addresses. One was also an address scraped from a website. Content similar to: From: Millicent Johns <> Subject: Important notice: 7CD2D7_ABA97BD7172.doc Your monthly Rainbow Communications invoice is attached to this mail. This bill … Continue reading

Posted in Uncategorized | Leave a comment

Fake Microsoft support caller demanding Moneygram payments.

Another customer, another scam call.. “Microsoft” supposedly called them and said they had a virus (as is standard) and talked the user through connecting the scammer to the computer. It is astonishing that LogMeIn Rescue allows the company name “Microsoft” … Continue reading

Posted in Uncategorized | 2 Comments

“Important information” virus email

More of these today, similar to yesterday, to multiple addresses – quite often ones stolen or leaked from LogMeIn and one to an address I had used with a car hire company in the UK. Subjects: Important information Need your … Continue reading

Posted in Uncategorized | Leave a comment scam message

–I’ve since come across these people again in August 2015!— While investigating a “Whats App” phishing campaign going around today I came across the following site: This page gives you the standard “your computer is infected” advert with non-stop … Continue reading

Posted in Uncategorized | 3 Comments

Net2 / Paxton Access: How to open or unlock a door for longer for just one user.

One of my sites uses Net2 Lite / Paxton for their door control with ISO proximity cards. They have a fairly short time period between “swipe” and the door locking again. This is fine for most users but one swipe … Continue reading

Posted in Uncategorized | Leave a comment

Virus e-mail “ATTN: Outstanding Invoices – [37B4C3] [April|May]”

I’ve had two emails today to different addresses with subject lines similar to: “ATTN: Outstanding Invoices – [4AF8F5] [April|May]” and “ATTN: Outstanding Invoices – [37B4C3] [April|May]” Both contained a .xls attachment. SHA256: 18c1edd9dd7082ad33ed2663f0401f0a3dcd23933fe5d44ab5b506879d5311aa SHA256: ec269eb075525d99c32265a5df78b16e308041c8edd5ffd0537571fc830816c2 VirusTotal Report which is currently undetected … Continue reading

Posted in Uncategorized | 1 Comment

Suspicious Swann DVR traffic

This afternoon I took the opportunity of being in work at a weekend to install a monitoring bridge between one of my customer LANs and their Managed Broadband service. The managed broadband provider doesn’t give any insight into the traffic … Continue reading

Posted in Uncategorized | 14 Comments