'Stromag' Email Scam

Con artists are disseminating fake emails presented as if coming from the power transmission components manufacturer Stromag, as a way to spread malware threats. More specifically, according to infosec researchers, the fraudsters are using the lure emails to infect victims' devices with the Agent Tesla RAT (Remote Access Trojan). It should be clear that the Stromag company is in no way associated with the threatening spam campaign and its name is simply used as a lure to trick users.

The fake emails might carry a subject line similar to 'Request for quotation-no. [NUMBER].' The messages will be presented as a communication from the Stromag company, regarding an invoice that the recipient is supposed to send. To receive additional information, the targeted user is instructed to open the file attached to the misleading email. Once executed, the file will be responsible for the download and installation of the Agent Tesla threat.

Devices infected by RATs could be subjected to numerous, hurtful activities. The active RAT tool could provide the attackers with backdoor access to the device and allow them to deliver additional, more specialized threatening tools. Typically, attackers will proceed to drop ransomware, spyware, crypto-miners, stealers, etc., with the malware type being dependent on the attackers' specific goals.