Last updated on March 19th, 2023 at 05:03 pm
You may have been receiving a huge amount of email spam this morning from Clare Harding at Carters Packaging Ltd with an invoice attachment called Purchase Order 0000035394.doc
Well, this is a virus and seems to be spreading around the internet like wild fire at the moment, so blacklist this email address:
NOTE
Obviously this is an impersonation attack and has not originated from Carters Packaging Ltd.
You should fully virus scan your machines using whichever anti-virus you have. In some cases, you may have to rebuild computers as this seems to run as a process.
The subject of the email will be similar to this:
Purchase Order 0000035394 customer 09221
A little more information on this virus attack
Rumoured download locations are:
- malajsie.webzdarma.cz/45y3f34f/7jh4wqd.exe
- fa31.linux-hosting.de/45y3f34f/7jh4wqd.exe
- ankarasogukhavadepo.com/45y3f34f/7jh4wqd.exe
- selimkaucuk.com/45y3f34f/7jh4wqd.exe
It also looks like it stores its executable file in the %temp% directory with a filename of httsser.exe
It could be generating traffic to this IP below so worth blocking that on your systems too:
221.132.35.56
COMMENTS
If you have been affected by this in anyway, we would like to hear from you so leave us a message below using our comments system.
Free Subscription
If you want to be notified when we post more quality guides like this one, sign up to our free subscription service and you will receive an email when a new post is live.
No need to worry, we will not be filling your inbox with spam and you can unsubscribe anytime you like.
