Search FraudFYI

Wednesday, August 3, 2016

MALWARE ALERT! PHISHING scam email with potential MALWARE from James Automobile

DO NOT OPEN THE FILE ATTACHED TO THIS EMAIL and DO NOT CLICK ON THE LINK IN THE .PDF FILE!  The link takes you to which has been flagged by MULTIPLE ENGINES as potentially containing MALWARE!


Antivirus    Result    Update
AVG     JS/Phish     20160802
AegisLab     Js.Phish.Gen!c     20160801
Avast     VBS:Malware-gen     20160802
CAT-QuickHeal     JS/Redirector.CE     20160802
Cyren     HTML/Phish.GF     20160802
DrWeb     JS.Redirector.252     20160802
ESET-NOD32     HTML/Phishing.Agent.AT     20160802
F-Prot     HTML/Phish.GF     20160802
Fortinet     JS/FakePDF.A!phish     20160802
GData     HTML.Trojan.Agent.29J3K1     20160802
Ikarus     JS.Phish     20160802
McAfee     JS/Phish     20160802
McAfee-GW-Edition     JS/Phish     20160802
NANO-Antivirus     Trojan.Html.Redirector.eegmft     20160802
Qihoo-360     Script/Trojan.7e1     20160802
Sophos     Mal/Phish-A     20160802
TrendMicro-HouseCall     HTML_ADOPHISH.SM     20160802

If you have clicked this link, run a full virus scan as soon as possible.  You can download free versions from safe websites such as and

Originating IP:
Originating ISP: Globacom Ltd
City: Lagos
Country of Origin: Nigeria

from: James Automobile <> 
to: Recipients <>
date: Mon, Aug 1, 2016 at 7:21 PM
subject: Re: revised p/i

Dear Sir,

Kindly download the revised p/i for my reference, so i can remit payment
into your account.

Best Regards

Thank you,

attachment; filename="revised PI.pdf"

No comments:

Post a Comment

Thank you for commenting! Your comment will be reviewed and posted shortly!