The Mail goes straight to: “notice of enforcement” in large letters right at the beginning. “We have requested you several times already, your contribution account balance”, more claims purporting to be from the GEZ-the successor to the post service of ARD, ZDF, Deutschlandradio, the root end of the message. Because of the missing payments and late fees 213,50 Euro are now due and would be in foreclosure.
the aim of The text: He should be worried about. And to Click on the attached Word document is tempt. Because the Mail with the ominous subject line “notice of enforcement – contribution service” is a classic Phishing message, according to “Heise Security”. The Word document in the Appendix is, in reality, a Trojan that has set it apart probably on a Windows machine.
pest “Lojax” Undeletable: These Trojan itself is a hard disk drive is not removed exchange From the painted Mans Mail brings barely recognisable as a Fake
Especially dangerous is the Mail is because she actually looks very real, experts said. The sender “email@example.com” sounds realistic, the supposedly underlying Internet-address does not exist, however. Also the Logo and the Text of the E-Mail very convincing, the writing in the case of Spam messages, often customary law, disasters not to be found there. Only a few formatting errors to be irritating, so “Heise”.
The file in the attachment is actually as the answer sheet open. Can automatically install the Trojan only if it is allowed in Word macros. In order to bring the user claims the message, you would have to activate the fields “editor” and “content” click on enable. This should be avoided in any case.
+++ read also: The Avira-chief, explains in this Interview why the danger posed by viruses and Trojans will only get worse +++
What to do if one is already infected?
Currently it is not known how the Trojan behaves on the computer and what is his goal. You should have the file already running, it is recommended to disconnect the computer from the Internet. Then you should scan it with an antivirus program. In any case, sensitive transactions such as Online should be operated Banking via the computer, before he was cleaned. General tips for dealing with Trojans, you will find in this Text.
source: Heise Security, Virustotal