Attention to SPAM "Electronic invoice from TNT Express"

Have you recently used TXT Express courier services? If so, be vigilant when reading an e-mail. Someone is trying to impersonate the Polish branch of the courier company TNT Express Worldwide (Poland) Sp. z o. o. by sending SPAM and enclosing the alleged invoice with the completed order to transport equipment from Walter Kompressortechnik Polska. In fact, the scammer counts on the fact that the TNT carrier serves Walter customers.

Invoice TNT Express SPAM

Hello,

Please be advised that TNT Express Worldwide (Poland) Sp. Z oo issued an invoice in electronic form in accordance with your consent. The electronic invoice enclosed below replaces the paper invoice. If you change the e-mail address, please inform us immediately about the new e-mail address.

An invoice is attached.

Yours sincerely, Dariusz Zielinski

TNT Express Worldwide (Poland) Sp. z o. o

The message is sent from Sweden with IP 46.246.120.164 and passes through the most likely improperly secured SMTP server. The nazwa.pl company was infamous thanks to the Polish cybercriminal, who was recently caught by the Office for Combating Cybercrime of the Police Headquarters in cooperation with the District Prosecutor's Office in Warsaw.

If you have received such a message, ignore it and delete it. More investigators can report the matter to the police. More about the consequences of sending spam is in the material prepared by GIODO.

Attachment hook:

aefacfbd638ee918fb2918f3ba94775447d27e3c596e8c8259a9485985714135 

Data is sent from the nazwa.pl server:

adx91.rev.netart.pl [77.55.101.91] 

The spammer connects to the nazwa.pl server from the following address:

46,246,120,164 


Add new comment

The content of this field is kept private and will not be shown publicly.

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.