A worldwide malicious email campaign comprised of counterfeit invoices, legal communications and other official documents is being tracked by ESET researchers. Many of these emails are well-written compared to the typically low-quality copy used in many scam emails.
When recipients of these emails open the attachments they contain, Javascript is used to install malware, for example TeslaCrypt or Locky, which encrypt data on the victim‘s computer and demand ransom. While these are the most commonly seen infections, unprotected computers are vulnerable to a variety of threats from these emails.
ESET products can detect and block malware contained in Nemucod emails. We strongly recommend that you follow the suggestions below to ensure the highest level of security on your computer: