Search our Archive


Dangerous ransomware arriving as fraudulent Eir bill email

Dangerous Ransomware

Irish computer users are being warned against opening an attachment to a faked Eir email.

Irish computer users are being warned against opening an attachment to a faked Eir email, as it contains dangerous ransomware, which will lock your files and demand payment to unlock them.

 ESET Ireland has come across another dangerous spam email. This one pretends to come from Eir and says:

“Dear customer,
Your bill is now available to complete. Your bill amount is €184.38.
For your convenience we attached a copy of your invoice to your email.
To view it, please download invoice here.Regards,
My eir Customer Support”

Clicking the link will download what appears like a zipped file, but is really a heavily obfuscated javascript file, that installs dangerous ransomware that ESET identifies as Win32/Filecoder.NHQ.

The malware will lock files on the victim’s computer, then play a robotic voice recording, saying: "Attention, attention, this is not a test, all your documents, databases and other important files are encrypted and windows cannot restore them without special software. User action is required as soon as possible to recover the files"

ESET Ireland would like to point out that paying the ransom to the cybercriminals does not guarantee getting your files unlocked, or it can result in a repeated infection a while later.

ESET security software identifies and prevents this particular ransomware from executing, keeping the users safe, but everyone is still warned to avoid clicking on any attachments or links in such fraudulent emails, instead marking them as spam and deleting them.


More News

Buy the e-paper of the Donegal Democrat, Donegal People's Press, Donegal Post and Inish Times here for instant access to Donegal's premier news titles.

Keep up with the latest news from Donegal with our daily newsletter featuring the most important stories of the day delivered to your inbox every evening at 5pm.