MALWARE ALERT! PHISHING scam email with potential MALWARE from James Automobile auberge.fayoum@helnan.com www.kreatopedia.com

DO NOT OPEN THE FILE ATTACHED TO THIS EMAIL and DO NOT CLICK ON THE LINK IN THE .PDF FILE!  The link takes you to http://kreatopedia.com/wp-admin/adobe/adobe/MAcPET%20Trade%20PI.PDF%20-%20Copy.htm which has been flagged by MULTIPLE ENGINES as potentially containing MALWARE!

Per VirusTotal.com:

Antivirus    Result    Update
AVG     JS/Phish     20160802
AegisLab     Js.Phish.Gen!c     20160801
Avast     VBS:Malware-gen     20160802
CAT-QuickHeal     JS/Redirector.CE     20160802
Cyren     HTML/Phish.GF     20160802
DrWeb     JS.Redirector.252     20160802
ESET-NOD32     HTML/Phishing.Agent.AT     20160802
F-Prot     HTML/Phish.GF     20160802
Fortinet     JS/FakePDF.A!phish     20160802
GData     HTML.Trojan.Agent.29J3K1     20160802
Ikarus     JS.Phish     20160802
McAfee     JS/Phish     20160802
McAfee-GW-Edition     JS/Phish     20160802
NANO-Antivirus     Trojan.Html.Redirector.eegmft     20160802
Qihoo-360     Script/Trojan.7e1     20160802
Sophos     Mal/Phish-A     20160802
TrendMicro-HouseCall     HTML_ADOPHISH.SM     20160802

If you have clicked this link, run a full virus scan as soon as possible.  You can download free versions from safe websites such as https://www.malwarebytes.org/ and http://free.avg.com/us-en/homepage

Originating IP: 197.211.57.19
Originating ISP: Globacom Ltd
City: Lagos
Country of Origin: Nigeria

from: James Automobile <auberge.fayoum@helnan.com> 
to: Recipients <auberge.fayoum@helnan.com>
date: Mon, Aug 1, 2016 at 7:21 PM
subject: Re: revised p/i
mailed-by: helnan.com

Dear Sir,

Kindly download the revised p/i for my reference, so i can remit payment
into your account.

Best Regards

Thank you,

attachment; filename="revised PI.pdf"