Dangerous Ransomware Arriving As Fraudulent Eir Bill Email

By   ISBuzz Team
Writer , Information Security Buzz | Nov 02, 2017 03:15 pm PST

ESET Ireland is warning Irish computer users against opening an attachment to a faked Eir email, as it contains dangerous ransomware, which will lock your files and demand payment to unlock them.

ESET Ireland has come across another dangerous spam email. This one pretends to come from Eir and says:


“Dear customer,
Your bill is now available to complete. Your bill amount is €184.38.
For your convenience we attached a copy of your invoice to your email.
To view it, please download invoice here.

My eir Customer Support”

Clicking the link will download what appears like a zipped file, but is really a heavily obfuscated javascript file, that installs dangerous ransomware that ESET identifies as Win32/Filecoder.NHQ.

The malware will lock files on the victim’s computer, then play a robotic voice recording, saying: “Attention, attention, this is not a test, all your documents, databases and other important files are encrypted and windows cannot restore them without special software. User action is required as soon as possible to recover the files”

ESET Ireland would like to point out that paying the ransom to the cybercriminals does not guarantee getting your files unlocked, or it can result in a repeated infection a while later.

ESET security software identifies and prevents this particular ransomware from executing, keeping the users safe, but everyone is still warned to avoid clicking on any attachments or links in such fraudulent emails, instead marking them as spam and deleting them.

Read more at ESET Ireland’s official blog.

[su_box title=”About ESET Ireland” style=”noise” box_color=”#336588″][short_info id=’60241′ desc=”true” all=”false”][/su_box]

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x