ROG100

928sRUs's email accounts have been attacked. We are currently working to contain the situation. There is no indication that private customer information has been affected.

If you received an email from 928sRUs with a questionable attachment, like "request.zip" or any other .zip file, or requires you to use a supplied password to open the attachment, or attaches an invoice when you know you haven't ordered anything in over 6 months... don't open the attachment.

If you did open the attachment, immediately download and run (free) MalwareBytes (malwarebytes.com) to scan for malware on your computer. If it finds anything allow it to quarantine all files found, then reboot your computer and run MalwareBytes again.

We apologize for the stress and inconvenience this might cause. We will post an update when the situation has been contained.

linderpat

I just sent you an email on this too. Was going to post here. Glad you caught it. Slick phish scam. Bad guys got your email distribution list apparently.

Wisconsin Joe

Got one from Zane. The attachment was weird, but I was dumb enough to download it.

It wouldn't open.

I should have known to read this forum before my e-mail.

Thanks for the heads up & link to the

Ed Scherer

Got mine! Didn't open (pretty obvious scam/hack) or even bother to investigate.

Hope it didn't jack up your systems very much or victimize your customer base, Roger.

I really hate the bastards that do this crap. If only they'd use their talents to benefit humanity instead.

P.S. They would have had more success with the subject line "Here's one I can't put in the IHI thread"

85euro928

I just received an email from 928sRUs with a 90% off coupon attached, are you telling me it's not good?

sendarius

Hey!! I got one too!

Not really - but I DID get the "please open this attached quote that you didn't ask for" email.

I may have been born at night, but it wasn't LAST night.

RKD in OKC

Don't try to open the attachment. It is a file that requires a fake microsoft word update and macros that install shell access to your computer. Then they can login, turn of protection and download usernames an passwords saved in your web browser, then turn the protection back on.

Daniel5691

Rec'd email also.
Good luck Roger.

Tomkat80222

It was early and I've been working with Roger. I opened access to a password protected zip file, but nothing happened. I will investigate, but I already have security software. I don't save passwords to my computers that have any importance.

drooman

This is an image of what they look like,

there's a special place in hell....

Ed Petry

Hi everyone,
I received this phish on my apple messenger account (text messages). Did not open.
(appears I am unable to attach the screenshot -- sorry. Basically free golf)

Bertrand Daoust

Got this too this morning.

Forget my email Roger.

danglerb

Roger thanks for the quick heads up. Running malwarebytes always a good idea, same for not opening anything suspicious.

jej3

Sorry for the 928srus troubles. Just a suggestion... maybe we don't need to all post if we received it. We're probably all having a Monday but this is too dejavu to the people who "Reply All" to an email to tell them to be removed from the "Reply All".

Wisconsin Joe

Okay. Thanks for that.

I downloaded (since deleted) the attachment, then tried to open it. When it asked me to install something to open the attachment, I got suspicious (yeah, it took that long).

Got the Malwarebytes that Roger suggested, ran it and it came out clean.