Beware of suspicious email from

Categories » » All Pages
23rd November 2016

Emails with a highly suspicious “Report.xls” Excel file attached are being sent out by, a domain name registered in Moscow, Russia on 20 November 2016. This message is definitely NOT associated with Reckon Australia, the accounting software company.

The email message

Message from : Virtus Health Limited, <accountshosted @>
Date : Wednesday, 23 November 2016
Subject : debtors

File Attachment : Report.xls

Please review the attached report. Feel free to contact us if you have any questions.

Thank you.


Virtus Health Limited

This type of bogus email is not difficult to spot. I expect the Excel file contains some sort of Malware, not that I actually opened it to find out ! Simply delete the message upon receipt.

The message was actually sent from a mail server located in Paris, France.

Header code analysis

Received: from ([]:45824
IP address lookup : Origin = Paris, France

Whois Domain Name Owner Search : (Server location)
Organisation: ORG-HW22-RIPE
Org-name: Hugo Weiss
Org-type: OTHER
Address: 3 rue philibert lucot
Address: 75013 Paris
Address: France

Whois Domain Name Owner Search : (Where registered)
Creation Date: 2016-11-20
Registrant Name: Protection of Private Person
Registrant Organization: Privacy Protection
Registrant Street: PO box 87, REG.RU Protection Service
Registrant City: Moscow
Registrant Postal Code: 123007
Registrant Country: Russia

Thanks Hugo.


All feedback appreciated.

Add your review ⇒

More related pages …