For once, it is not a random phishing email, but rather an email specifically sent to businesses with a malicious link. However, there is a virus hidden in the file with the alleged bank statement!
This is what the email to business owners looks like
This is the English language email:

The English language text reads:
Hi there.
Yesterday I paid for around $3 hundred worth of goods from your store.
Right after paying for the products, a message appeared on your web page that it was impossible to obtain cash from my banking card and my transaction canceled.
But when I got into my account, I found the fact that did take place.
Please solve this issue and give back the funds as quickly as possible!
I am also attaching my bank statement to confirm the drawback of the money.
In German:
Hello.
Yesterday I purchased approximately $300 worth of merchandise from your store.
Immediately after paying for the products, a message appeared on your website that it was not possible to receive cash from my bank card and my transaction was canceled.
But when I went into my account I found that the purchase had been made.
Please solve this problem and return the money as soon as possible!
I also attach my bank statement to confirm the withdrawal of the money.
Below the text there is a link labeled “ View my Bank Statement ” and the phrase “ My Bank Statement Pass: 9111 ” – we will need this number soon!
A huge virus behind the link
So let's click on the link! A compressed file that is just 1 megabyte in size is immediately downloaded:

The name of the file is “ My_Bank_Statement_Client_ID_368470503172PDF.pdf.zip “.
Attention: By default, the display of the file extension is switched off for most users, so for these users it appears as if this is a PDF file!
No, the subheading is not a joke, because there is actually a huge virus hidden in the packed file! If we unzip the file to finally see the alleged bank statement, we get this file:

Visually, for most users it looks as if you have unpacked a 668 megabyte (!) PDF file, but in fact (as shown in the screenshot above) it is an EXE file, i.e. an executable file. The file description also shows that it is a self-extracting program.
If we were to execute this file, a huge amount of viruses, trojans, keyloggers and malware would be installed on the PC independently. A check of the file with Kaspersky confirmed that there was a lot of malware in the executable file.
Conclusion
This can of course be particularly damaging for businesses if, for example, all customer data, invoices, email traffic, etc. are compromised by malicious programs and, in the worst case, are no longer accessible at all - it can mean the end of a business.
Therefore, our advice to business owners: It is best to immediately assign such an email to the place where it belongs: the wastebasket.
Also interesting:
Beware of credit card phishing!
Fraudsters use a sophisticated scam in which they pretend that a postal package is undeliverable and that you have to complete your address. You also get an expensive subscription. – Parcel service email from the post office: Be careful, rip-off!
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

