Madrid
Keep
Scams on the net are the order of the day. Especially in these times of isolation, where we spend more time with our eyes glued to the screen than ever. Recently the National Cybersecurity Institute (Incibe) has alerted about a new malicious email campaign in which criminals impersonate companies like WhatsApp The WeTransfer to infect the user’s device with a Trojan-type computer virus, designed to extract sensitive information from the victim, like bank details, and make them available to criminals. The virus is included in a link located within an email.
To attract the attention of the Internet user, cybercriminals use subjects such as ‘Backup WhatsApp messages * 913071605 No. (xxxxx)’ and ‘he sent you some files – No. (xxxxx)’. Likewise, Incibe emphasizes that “it is not ruled out that there are other emails with different subjects, but with the same objective, such as inciting the user to download a malicious file under some pretext of interest”.
Unlike other scam emails, the ones criminals employ in this campaign are pretty well designed. “The wording of the message does not contain inconsistencies, nor numerous spelling mistakes, which makes it difficult to identify it as fraudulent,” explains Incibe. «The date of issue that appears at the bottom is usually very close to the day the email is received, or even the same day. Although it could also appear out of date “, completes the institution.
As we explained, each of the messages has a hyperlink in which the download of some type of file or backup copy of the services that the criminal impersonates is promised. However, clicking on it will start the download of the Trojan. “From ejecturse, the device will be infected”, they remarked from Incibe.
To avoid this type of attack, all cybersecurity experts recommend that we distrust all those emails or SMS signed by a company that we have not requested. The best thing in these cases is to try to contact the company that, supposedly, has not sent the mail by another means. Never responding directly to the ’email’.
See them
comments
