Scams through methods such as phishing They are increasingly common in Spain. From emails with supposed rewards, banking entities that you supposedly legitimize that allege some kind of problem with our accountsimpersonations of companies demanding some type of documentation… All of them, in reality, are scam attempts.
Now, from the OSI (Internet Safety Office) they have informed through X, formerly Twitter, of a new campaign that supplants the National Mint and Stamp Factory for victims to download an attachment containing a malware. Your goal is infect the victim’s entire device when said file is executed and steal everything in it.
The phishing scam that impersonates the National Mint and Stamp Factory
From the OSI they explain that everything begins with the arrival of an email in which they inform the user that “they have identification and certificate of your NIF available attached to said email so you can download it and have it immediately, or if you wish you can also access the URL provided and download it from that website.”
That is, the message informs the recipient that they can download an attachment with their identification and NIF certificate. However, this file actually contains an executable that appears to be an .iso filebut it is actually a file that contains malicious code. In fact, the sender of the email pretends to be the legitimate one, which is known as yespoofing.
If you download the malware that accompanies the email, cybercriminals can monitor the infected device and collect confidential information of the user for subsequent fraud attempts through identity falsification, in addition to trying to access bank details. If you get the message, Mark it as spam and delete it immediately. If you have downloaded it but not executed it, delete it from the downloads folder and recycle bin.
What to do if I have downloaded and run it on the device
On the other hand, if this has happened to you, the first thing to do is disconnect the computer from the home network so that it does not spread and use an antivirus to perform a scan to find it. If you are still infected, it would be advisable to perform a factory reset to disinfect it completely, so a previous backup.
It is also recommended collect all possible evidence such as screenshots, email subject lines and other information you believe is relevant to file a complaint before the State Security Forces and Bodies.
#Spanish #authorities #warn #phishing #scam #steal #mobile
