UK Amateur / Ham Radio Operators hit by spoof message with dodgy payload claiming to be from Ofcom’s Spectrum Licensing Division (spectrum.licensing@ofcom.org.uk)

The email has a document attached that contains malware!

Ofcom has responded directly to those who have posted on twitter that they have received the mail.

“While Ofcom says that it is not aware of a data breach, the Radio Society of Great Britain (RSGB) says that the problem seems to be quite widespread and many of its members contacted them to ask about the message.” Ofcom

The likely source of the email is Russia, with the attached Word document containing a malicious macro which then downloads malware executable from the South African-registered website naturallyconvenient.co.za (which appears to belong to a US-based manicurist firm, though there is no suggestion the company is aware of what is being done with their domain).

The malware then phones home to a Russian IP address - Please do not open this message if received!