Lokibot via multiple embedded OLE objects in fake invoice rtf word docs

A slightly different Lokibot campaign this morning. The  email is nothing special with a typical subject of  CONFIRM OVERDUE INVOICE coming from various email addresses including what is likely to be either  a compromised or fraudulently set up email account in Taiwan and a fake Apple spoofed email address that was also likely used for a previous phishing scam The body content spoofs a Thailand company, that might or might not exist, with an email address and weblink to a different Philippines company. There are 2 different sized attachments to the email, both are renamed RTF files containing multiple embedded … Continue reading →

Article Link: https://myonlinesecurity.co.uk/lokibot-via-multiple-embedded-ole-objects-in-fake-invoice-rtf-word-docs/