Here the joy of an unexpected package can quickly turn into the opposite!
Because what appears to be a message about a highly insured and seemingly valuable package is nothing more than an email with a malicious attachment.
The content of this malicious email in Klatext is:
Hello mirko@[…],
Your package ID54802472 is ready to receive.
This email is a notification of arrival.
Delivery paid by the sender.
The amount of the insurance package is €2,220.To receive the shipment, please print the attached document and present it at a warehouse.
Parcel.de – your path to individual parcel receipt and shipping
Attached to this email is a file with a double extension (.doc.zip), which contains a Trojan.
[adrotate group=“1″]
Attachment with double file extension
The .zip file, whose name is constructed in the form of a DHL ID number, now tries by all means to suggest to the recipient that it is a harmless .doc document. If you now look into the .zip file, you will find the actual malware, which has a double file extension.
Duplicate file extensions are used when you want to disguise what type of file it really is. In this case the file appears as a .PDF_.exe. Since you can hide file extensions in Windows, the true extension does not appear here and you would only see the pseudo-PDF. We therefore recommend that you always leave the file extensions displayed ( Microsoft's instructions here ).
General Trojan warning
Trojans are standalone programs (.exe) that pretend to be something other than what they really are.
When you run the file, it seems like nothing is happening.
But that's not true! A program is installed in the background. The programs or internet fraudsters behind such programs now have access to your data or can also have complete control over your computer.
The most telltale of all file attachments is the .zip attachment.
Emails from trustworthy sources never come as .zip files, not even as .com /.pif / .ico / .exe/ .js. Please do not open and execute the contents unless you consciously expect such a file.
1) Anyone who opens or has opened the file attachment and has also executed the content (this is the critical point!) should first have their PC scanned by their virus scanner .
2) Change all passwords to social networks, online shops, etc.
As a precaution, please also notify your bank or credit card company.
Your email account sends these emails itself?
If you get tons of error messages that your emails have not reached the recipient (and every minute), then your computer is infected and active in a botnet . Here, too, check the PC immediately and, if necessary, consult a local expert
Another alternative is to use the EMERGENCY CD from Kaspersky
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )