0405119483 [email protected]

Beware of Contact Forms from Emails

by | Jan 4, 2022

Fake contact forms - computer repairs
computer repairs malware

Hackers are duplicating website contact forms and discussion forums from reputable websites and pushing these forms via fake emails to unsuspecting users.  These forms are very well made and are used to distribute Excel XLL files that download and install the RedLine password and information-stealing malware.

The forms can install malaware  which steals data, RedLine can execute commands, download and run further malware, and create screenshots of the active Windows screen.

Spamming contact forms and discussion forums

 

This is a widespread campaign targeting many websites using public forums or article comment systems. Some fake emails ( aka phishing ) contain  fake websites to host the malicious Excel XLL files used to install the malware.

For example, one campaign used the following spam message and a fake website that imitated the legitimate Plutio site.

Pluto spam form computer repairs

Other fake emails pretend to be payment reports, requests for advertising, or gift guides with links to malicious XLL files hosted on Google Drive, as shown below.

Abusing Excel XLL files

These spam emails  are designed to execute harmful Excel XLL files that  install  RedLine malware on your windows computer.

An XLL file ( excel link library ) is an add-in code which extends  Excel by reading and writing data, importing data from other sources, or creating custom functions to perform various tasks.

XLL files are simply a DLL file that includes an ‘xlAutoOpen’ function executed by Microsoft Excel when the add-in is opened.

Once the malware runs, it will search for  data to steal, including credentials and credit cards stored in the Chrome, Edge, Firefox, Brave, and Opera browsers.

If you have already been compromised you should assume that your stored passwords are freely available and immediately change them. Any credit card stored will be on-sold.

As XLL files are executables, threat actors can use them to perform a variety of malicious behavior on a device. Therefore, you must never open one unless it comes from a trusted source.

These files are not generally sent as attachments but instead installed through another program or via your Windows admin.

Therefore, if you receive an email or other message distributing these types of files, simply delete the message and report it as spam.

To see more of our IT Services c;lick attached link.  Click here for  more about our Virus Removal  

 

 

 

What our Clients Say

Daniel G
Daniel G
2024-01-15
Digby was a great help fixing a number of mistakes (and the effects of the same) I had unwittingly made with permissions on my laptop and communication between external drives. Would highly recommend!
Pancho Villa
Pancho Villa
2024-01-12
I had my sons MAC book repaired by Digby. Digby was very thorough and professional in his approach and communication. He quoted a fair price and undertook the repairs on time. I would highly recommend.
Andrew Bruce
Andrew Bruce
2023-12-28
Digby provided a high quality service in uograge my computer after backing up and reinstalling my data, folders and files. He met his time and cost quotes and the machine is fully up and operational. I cannot praise digby'd service too highly.
Inez McQuillin
Inez McQuillin
2023-12-24
Thanks for the excellent service
Almas Nurlybekuly
Almas Nurlybekuly
2023-12-21
Hi All, I do not usually write the reviews, but this time I would like to thank Perth Computer Repairs for the provided service. I bought computer from my previous employer and I wanted to do a fresh installation of Windows. I tried to do it myself at first, but could not re-install the windows due to the security an error which said: "There is an error. Cannot connect the Windows Server while booting." Then, quickly looked at the highest rated computer repair service near me. Called them, got the good repair cost. Dropped computer and got it fixed quickly. The owner is very laid back and nice person. Very competitive price and very quality service. Definitely a place to trust. Currently, enjoying my fresh Windows install. Thank you very much!
Greg Reid
Greg Reid
2023-12-14
I tell you if you want honest service, no bull call Digby, he's your man.
Virginie Chetty
Virginie Chetty
2023-12-12
Digby sourced and setup my new laptop exactly to my needs so that I can remotely access my work computer.
Dianne Casella
Dianne Casella
2023-11-21
Digby was efficient, thorough and very helpful in moving me forward with my computer concerns. I am very grateful to have been able to utilise Perth Computer Repairs.
Eric Brain
Eric Brain
2023-11-16
Good value repair of my son's pc. Would recommend.
Gwyn annika1@y7mail.com
Gwyn [email protected]
2023-11-13
This man is so patient - me being somewhat of an older generation and not tech savvy - he helped navigate through a printer problem and certainly recommend him to anyone with computer issues!
Google rating score: 4.9 of 5, based on 53 reviews

Contact

Address

126  Whatley Crescent

Maylands

Phone

0405 119 483

 

Mail

[email protected]