And the malicious mail, looks like in this screenshot:Prezado(a) Senhor(ª),
Sua empresa está cadastrada em nosso sistema, por isso solicitamos através desta o orçamento dos ítens discriminados na planilha em anexo abaixo, assim como prazo e formas de pagamento, na certeza da mais alta colaboração e urgência para cumprimento de todas as nossas obrigações, desde já agradecemos vossa colaboração.
Fake email, with link to DropBox.com
It can be seen in this deception that criminals include in the false link to the supposed budget, a link to a well-known free data storage site, http://dl.dropbox.com/u/[DELETED]/List-Nova.com.
Obviously the criminals are betting, in their game of deception, on the trust and knowledge that one could have of this site DropBox.com, who clearly could not identify this file as malicious. We must then be alert, in DropBox malware is not always detected.
The malware file Lista-Nova.com is a Trojan by which criminals seek to infect the victim's PC for subsequent criminal actions such as accessing data contained in the PC, joining the PC to a botnet, theft of banking credentials, credit card etc.
The Trojan has already been reported to VirusTotal where it is barely detected by 2 AV engines and goes unnoticed by all the engines of the first brands, at least in the mode that VT scans the files.
From Segu-Info we proceeded to report the file to DropBox.com, a task for which one must be registered in their support service, because unlike other services, they do not have a direct entry to report abuses although the report can be made anonymously.
Raúl de la Redacción de Segu-Info
