The following is an example of an email containing the subject of “Companies House secure form” pretending to come from Companies House but actually from a spammer. The email attachment contains a banking trojan. The domain name is also new, and only registered in December 2017.
They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment.
Some of the message details state “This message has been generated by Companies House Secure Form” and “Note: Attached documents are encrypted with a unique Private Key” see below image for the full message text.
The email appears to be from [email protected]
It contains an attachment called Secure_Form.doc this file contains a banking trojan.
Domain Name Information
Subdomains linked to this include (they contain malware do not visit them !) :-
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.