It's March and something was missing so far? That's right: the monthly warning about fake telecom bills. Therefore, the same applies this month: Be careful of the email with the subject “Your Telekom landline bill February 2016”. If it contains an attachment in .zip format, it is a malicious email.
Internet fraudsters pose as “Deutsche Telekom AG” and make the user believe that they have a current invoice for February 2015. Attached is a .zip archive in which the actual malware is hidden. And of course also included here: the misused signature of Ralf Hoßbach. The email appears as follows:
Your invoice for February 2016
Hello [name],
You will receive your current landline bill in this email.
The total in the month of February 2016 is: 711.35 euros.
In connection with your guilt. If payment is not received by November 25, 2015, we have the right to prevent the provision of services.Attached to this letter are documents in a zip archive with details of the services, which must be read carefully.
For further questions about InvoiceOnline, your invoice or payment, we offer you a comprehensive range of help.
Information about the security features of BillOnline can be found under Security information. Best regards
These emails are sent almost every month and always contain the invoice date of the previous month. Logical, because the real invoices always refer to the previous month.
Be careful, there is a Trojan attached!
Kaspersky Security discovered the malicious program in the file attachment with the name “email.346783682.zip” (2229 bytes) HEUR:Trojan-Downloader.Script.Generic. We therefore warn against unpacking the attachment of the alleged invoice and executing the contents.
General Trojan warning
Trojans are standalone programs (.js) that pretend to be something other than what they really are.
When you run the file, it seems like nothing is happening.
But that's not true! A program is installed in the background. The programs or internet fraudsters behind such programs now have access to your data or can also have complete control over your computer.
The telltale one is the .zip attachment.
Emails from trustworthy sources never come as .zip files, not even as .com /.pif / .ico / .exe/ .js. Please do not open and execute the contents unless you consciously expect such a file.
1) Anyone who opens or has opened the file attachment and has also executed the content (this is the critical point!) should first have their PC scanned by their virus scanner .
2) Change all passwords to social networks, online shops, etc.
As a precaution, please also notify your bank or credit card company.
Your email account sends these emails itself?
If you get tons of error messages that your emails have not reached the recipient (and every minute), then your computer is infected and active in a botnet . Here, too, check the PC immediately and , if necessary, consult a local expert.
Another alternative is to use the EMERGENCY CD from Kaspersky
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )