The Federal Office for Information Security (BSI) warns of emails that contain an alleged ELSTER tax assessment as an attachment. The zipped "Elster.exe" file from the attachment should not be executed under any circumstances, as it is malware. Previously known sender addresses are [email protected], [email protected], [email protected], [email protected]
The unknown senders of the virus mail claim that "your tax office or your tax administration provided an encrypted zip file for collection using the ELSTER procedure." The email is signed with "Your tax office / your tax administration." However, electronic tax assessments are not sent by email: Special software is required to receive them.
Fake emails in the name of Lufthansa are also in circulation, according to the security blog Naked security of the security service provider Sophos. The mails are disguised as travel information and contain an attachment called "PDF.exe." Less experienced users could mistake it for a PDF file and try to open it. The malware then sets up a backdoor.
Criminals act similarly on behalf of IKEA: Alleged email invoices from the Swedish furniture store contain attachments with malware. IKEA warns of these emails on its website and advises that it does not send invoices by email. (Gil)