A rather different 419 scam / phishing attempt than we are used to see in the UK was received this morning. As soon as I saw the email, my first thought was ” what malware or exploit are they trying to deliver today?”
Well after investigation and pulling apart the word doc in as numerous examination tools, I cannot find any malware or exploit payload. Therefore it is a 419 scam / phishing email. More than likely a 419 scam where they will ask you for money up front as part of the quotation procedure.
If this email had been received by a small company that does deal with this sort of equipment, it is highly likely that somebody would have responded and started a conversation with the scammers. Be careful and watch for scams.
The email looks like:
From: Busisiwe Mathapelo <firstname.lastname@example.org>
Date: Mon 07/11/2016 10:12
Subject: Request for Quotation
Attachment: Department of Defence South Africa.docx
Please view the attached file and respond back to us urgently
Please read our How to protect yourselves page for simple, sensible advice on how to avoid being infected by this sort of socially engineered malware.