In recent days an estimated 30,000 Internet users have received emails containing copyright warnings and demands for cash settlements. The emails, which detail alleged infringements on content from EMI, Sony, DreamWorks and Paramount, are not only fake but also have a sting in the tail - a nasty trojan just waiting to be installed.

It used to be the case that when a copyright holder tracked down an alleged file-sharer they would have to make contact via regular snail mail. Legal threats in the post nearly always mean business and have to be dealt with in an appropriate manner.

With the advent of companies such as Rightscorp, however, demands for cash settlement now regularly arrive via email. While some recipients treat these emails as spam, they are sent by a legitimate company acting on behalf of genuine rightsholders. Whether people should pay up on presentation of a mere email is a personal matter, but there are some instances in which no payment should ever be considered.

During the past several days there have been increasing reports of Internet users in Germany receiving cash demands for alleged copyright infringement. The emails detail alleged piracy offenses on tracks from Jay-Z, R Kelly, James Blunt, Bullet for My Valentine, and metal bands Sepultura and Children of Bodom, to name just a few.

It’s a very big operation indeed. According to lawyer Christian Solmecke, a lawyer who regularly defends in piracy cases, up to 30,000 individuals are affected, with many calling his offices for legal advice.

But while the emails say they are being sent on behalf of a range of rightsholders from EMI, Sony, and Warner Bros. to DreamWorks and Paramount Pictures, drilling down into the details reveals the whole operation as a huge scam.

The ‘settlement’ mails demand between 200 and 500 euros within 48 hours to make potential lawsuits go away. One reads:

This is a warning because of your violation of § 19a of the Copyright Act on 07.06.2014. The music album ‘Bullet For My Valentine – Temper Temper’ was downloaded from your IP address 8.149.94.13 at 3:40:24.

This violates § 19a of the Copyright Act and must be reported to the responsible District Court. Only the fastest possible payment of a fine of 400.88 euros can prevent this. We expect payment within the next 48 hours.

For details see the attached document XXXXXXXXX.zip

As can be predicted from the final line, the real plan is to trick recipients into opening a file apparently containing details about their case, but which in fact carries a suspected trojan.

“It is very likely that the zip file contains a virus, designed to spy on credit card and account information. The floodgates would then be opened to online banking fraud and identity theft,” Solmecke warns.

“For this reason, all users that have opened the ZIP file attachment should check their PC immediately with a virus scanner and install the security updates for their anti-virus software,” the lawyer concludes.

Finally, by including legitimate law firms’ contact details in the emails, specifically companies that are involved in the settlement business already, the scammers are using a particularly crafty technique to come across as genuine. One lawfirm, Sasse & Partner, was forced to issue a statement denying involvement in the scheme.

“The ‘warnings’ are sent under the name of our lawyer Jan Spieldenner. The perpetrator or perpetrators are apparently making use of the fact that our firm regularly sends warnings on behalf of various clients and has thereby acquired a certain reputation. We point out that the warnings provided by us are never sent as a zip file,” the company explains.

Quite how many people will actually pay up on receipt of such an email is unknown, but by sending out tens of thousands it seems likely that a few will. At the full 500 euro rate, just a couple of dozen ‘settlements’ will net a sizable amount of cash – as ‘genuine’ copyright trolls know only too well.