Fake Herbalife Order Email Spreads Malicious Code

 Analysis by: Cedrick Ramos

Fake emails spoofing Herbalife are infecting users with malicious code. The email is an acknowledgement of purchase that includes an attached tax invoice. Unsuspecting recipients who open the attachment will be infected with malicious code.

Upon investigation, the attachment was found to be detected as 'Mal_VBSCRDLX'. To fool victims, some spam campaigns spoof trustworthy or notable companies in their emails. Users are always advised to carefully check the emails they receive and be cautious when opening attachments.
 SPAM BLOCKING DATE / TIME: September 20, 2017 GMT-8
 TMASE INFO
  • ENGINE:8.0
  • PATTERN:3342