My client is being contacted by several people about malicious spam e-mail today. I have been collecting as much data on the incident as possible, but proving to be limited as people delete the e-mails and dump the trash quickly once things go bad.
The attachment contains XLM.Trojan.Abracadabra.36.Gen
My clients name in some form (Variations on every e-mail) as From
They are sent from random e-mails (No 2 are alike).
Every e-mail contains an actual e-mail conversation between my client and the person getting the virus. The attachment is a ZIP file (Name varies on every e-mail). Which contains a 15kb XLS file (I belive that file size is standard and the virus also.)
The host is GoDaddy workspace. They cannot tell him where or when any logins occur on his account. He uses Outlook 2019 on his W10 PC (No virus found by any of several scanners). He also has the e-mail on a home computer (Not available to me at this moment) and a smart phone (Which he uses too much to give up without me showing probable infection).
GoDaddy is going to do a deep scan on the physical server hosting his accounts and maybe get back to him.
His password was changed to the e-mail about a week ago. I am going to change it again shortly here.