Dynamite phishing

Fraudsters are currently sending fake applications to prepare dynamite phishing.

In dynamite phishing, the attackers send e-mails to a target with the intention of forcing them to open the e-mail attachment.

The attack will take place in two phases:

First the attacker uses an excuse (e.g. job application) to obtain the e-mail addresses of employees or registered students of a university via the secretary's office, the student representatives or other publicly known e-mail addresses, to generate customized e-mails with these addresses.

The second phase of this attack is often directed against executives.

So these mails usually contain executable files with Trojans. If the file is executed, the computer is infected via hidden file contents and/or other malware is downloaded from the Internet. This enables the Trojan to access the system and encrypt important data.

Mainly the addresses of managers are requested to attack them or tempt them to execute the attachment. In the malicious e-mails, the attackers refer to the previous communication with other users (e.g. "Ms xy from the secretary's office forwarded me")

Therefore, you should check e-mails from unknown senders very carefully and never execute attachments.

Do not be deceived by known names in e-mails or consult the relevant persons before opening them.