Every few days I, like everyone else on the planet (apart from Kim Jong-un land), receive phishing and malware emails. The good thing is that they are often not personalised, so we get used to them. Over the last few years, malware and spam writers have clocked on to this fact.

Today I received a decent attempt at personalising a malware email, which would likely convince most people, though not me of course! Think about it: if the email below would convince the average business or IT user, then spear phishing would have nearly a 100% chance of working if planned and executed correctly.


Good as it may be, there are some giveaways: it is from a "prize company", not a debt collection agency; the subject is my name, which could say debt for Graeme Batsman; GBP not £; a Danish URL for a British debt; my post code could be on a new line; and there is no full stop on the final line.


Email header analysis showing two domains, yet the email comes from Italy.


The URL you go to with CAPTCHA protection.


My UTM firewall log showing it blocked the download of a 180KB zip file.


Zip file download request if anti-malware scanning is disabled on my network.


Jotti showing poor detection, as did VirusTotal.


The malicious file, which is a dropper SCR file that will execute if opened.