The Latest in IT Security

Fake emails from debt collecting agency used to spread malware


We wrote more than two month ago about fake emails in German pretending to come from various known online shops that contain attached archives with malware. The email pretended that the attached files were invoices that the receiver of the email forgot to pay. A special characteristic of these emails was and still is that they are addressing the receiver by full name.

Now, the latest campaign changed the tone of the email and literally threaten the receiver of the email with legal measures if he doesn’t pay the invoice (again, attached as ZIP archive). The email mentions that the invoice is from the website (online shop for hardware) but it doesn’t pretend anymore to come from the online shop directly but from a debt collecting agency (company that is specialized in recovering money from customers that didn’t pay (German: Inkassoburo)).


The malware is in an archive called “” and the executable file inside is called “mahnung.exe”. This time, all Avira products detect it as the trojan ’TR/Dldr.Esitgun.A’.

You should never respond to such letters in any way and never open any attachments coming from suspicious emails. If you ever have doubts if you really forgot to pay an invoice, better call a consumer organization near you.

Sorin Mustaca

IT Security Expert

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments