Email purporting to be from Pacific Pathways insurance brokers claims that an attached file contains a General Liability & Workers Compensation insurance quote request packet.
Subject: General Liability & Workers Compensation InsuranceGood morning,I reached out a few months back with regards to your commercial insurance needs. I wanted to check in to see if now is a good time to quote any line of insurance?I have attached my quote request packet for your convenience. Please feel free to call with, email or fax the requested information and I will get right to work on your quotes.
Workers compensation carriers require 4-5 years loss runs (IF APPLICABLE), if you can please forward those my way as well.
Attached File: PPI QUOTE REQUEST_55691413.zip
According to this email, which claims to be from Pacific Pathways insurance brokers and includes the company’s logo and contact details, you can read a ‘quote request packet’ by opening an attached .zip file. The email has the subject line General Liability & Workers Compensation Insurance and claims that the sender ‘reached out a few months back with regards to your commercial insurance needs’.
However, Pacific Pathways did not send the email and the attached file does not contain insurance documents. Instead, the attachment contains malware.
This attack is aimed at businesses in the hope that a busy or inexperienced staff member may open the attachment in the mistaken belief that it really contains a work-related insurance quote.
Details, such as the name of the person who supposedly sent the email and the attachment name may vary in different versions of the message. If you receive one of these emails, do not open any attachments or click any links that it contains.
Keep in mind that such malware campaigns often use the names and logos of genuine companies such as Pacific Pathways to make their claims seem more credible. The targeted companies are also victims of these criminals and are in no way responsible for malware attacks made in their names.
Last updated: April 23, 2016
First published: April 23, 2016
By Brett M. Christensen