Crypto Email Warning

#1

Earlier, I received a suspicious email with my email, name, address, and phone number. While the fact that the sender (whoever they really are) was somehow able to obtain my personal details is somewhat concerning, the fact is that they could have got them from anywhere. For example, an online order from eBay, Amazon, etc.

Most alarming is the fact that the email also contains a .dotm file attachment, which I did NOT download or open. The file is a Microsoft Word file template, and the “m” portion of the extension indicates that it contains macros.

Macros can be executed by MS Word to perform a variety of useful functions, but they can also contain malicious code. In this case, I suspect that the macro is designed to deliver a Crypto trojan called Ransom.Lockey. Soon, I will confirm this by examining the file in a safe and isolated environment, but I wanted to post this warning to hopefully help others to avoid becoming victims.

https://www.symantec.com/security_response/earthlink_writeup.jsp?docid=2016-021706-1402-99

The following is a screenshot of the email, with my personal details removed. Note the alarming tone, designed to scare the recipient (victim) into opening the attachment. Also note their poor use of English, indicating that English is not their first language.

Lastly, the message indicates that the attached file is password protected to “prevent accidental access”, but the password is included. Doesn’t that defeat the purpose, or does it serve their purpose? The reason the file is password protected is to prevent automated email scanners from detecting the malicious code within the file.

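An added example, not part of the original post: a minimal Python triage of a raw message that flags macro-enabled Office attachments and the "password-protected file with the password in the body" pattern described in post #1. The extension list, function names and sample message are constructed for illustration; the OLE2 check is a heuristic that relies on encrypted OOXML files being stored in an OLE2 container instead of a plain ZIP.

```python
import email
import re
from email import policy
from email.message import EmailMessage

# Office extensions whose trailing "m" marks a macro-enabled format.
MACRO_EXTS = {".docm", ".dotm", ".xlsm", ".xltm", ".xlam", ".pptm", ".potm", ".ppsm"}
ZIP_MAGIC = b"PK\x03\x04"                        # unencrypted OOXML is a ZIP archive
OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # encrypted OOXML is wrapped in OLE2
PASSWORD_HINT = re.compile(r"\bpass(word|code)\b", re.I)

def triage(raw: bytes) -> list[dict]:
    """Return one finding per macro-enabled Office attachment in a raw message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain", "html"))
    body_text = body.get_content() if body else ""
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        ext = name[name.rfind("."):] if "." in name else ""
        if ext not in MACRO_EXTS:
            continue
        data = part.get_payload(decode=True) or b""
        # Heuristic: an OOXML extension on an OLE2 container suggests encryption,
        # which hides the macro content from a content scanner.
        encrypted = data.startswith(OLE_MAGIC)
        findings.append({
            "filename": name,
            "plain_zip_container": data.startswith(ZIP_MAGIC),
            "password_protected": encrypted,
            "password_in_body": encrypted and bool(PASSWORD_HINT.search(body_text)),
        })
    return findings

def build_sample() -> bytes:
    """Constructed sample: a fake .dotm whose bytes begin with the OLE2 magic."""
    m = EmailMessage()
    m["Subject"] = "Invoice overdue"
    m.set_content("The document is protected. Password: 1234")
    m.add_attachment(OLE_MAGIC + b"\x00" * 64, maintype="application",
                     subtype="octet-stream", filename="Invoice.dotm")
    return m.as_bytes()

if __name__ == "__main__":
    for finding in triage(build_sample()):
        print(finding)
```

A mail gateway that cannot open the attachment can still quarantine on the combination of these three signals.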
#2

I received an E-mail like that before. It was addressed to someone else but still gave me quite a jump scare. It’s the reason why I have enabled the option to see all file extensions at all times.

#3

Crypto Email is given a warning for deleting the file in your inbox folder. You can also use the Roadrunner email. For instant support related to Roadrunner Email, please contact Reset Roadrunner Password for the best solution.