The Reporting and Analysis Centre for Information Assurance MELANI warns of fraudulent e-mails. These come with an attachment containing the “Refete” e-banking Trojan.
Criminals have recently been sending out an increasing number of phishing mails once again, aiming to infect e-banking users with the “Retefe” Trojan. This involves exploiting their victims’ credulity by sending them e-mails with faked return addresses, complete with logos of trustworthy organisations, which include the Trojan as an annex. Such fraudulent e-mails are currently for instance sent out in the name of “pneuwirbel.ch” and the Eidgenössische Steuerverwaltung ESTV.
Criminals have used the “Retefe” e-banking Trojan to target Windows and Mac users for several years now. The Trojan attempts to capture confidential information, for instance passwords.
Protect yourself by following the following rules of conduct:
- Distrust any e-mails you receive without having asked for them first: You should not just be discriminating as far as e-mails received from persons unknown to you are concerned, but should also be careful with known senders. Reputable firms in particular are frequently abused for fake return addresses.
- You must never click any links in or open any annexes sent with suspect e-mails.
- Don’t let anybody put pressure on you. Take sufficient time to clarify any such matters, and if in doubt, contact the company concerned. To do so, never use any telephone number potentially also quoted in the e-mail received, but look up their telephone number, for instance on a known company website or in an online telephone directory.
- There might be some rare cases that completely by coincidence, victims actually do expect to receive a mail from a certain company. But it is also in such cases that there are plenty of clues as to how to distinguish a fraudulent e-mail from a real one. The same applies here: Take your time to check a mail for its plausibility.