Malware: Receiving an email from your bank is usual -although the normal thing is that if you are doing operations online, they communicate with you by SMS-, but receiving an email from the Bank of Spain or MINECO, the Ministry of Economic Affairs and Digital Transformation -yes, the same one that was brutally hacked recently together with Justice and the INE-, is something else. Have you received an email these days from either of these two entities? Well, keep reading.
Phishing campaign that impersonates Mineco
The INCIBE (National Institute of Cybersecurity) has detected several campaigns to send fraudulent emails impersonating various entities. One of these campaigns aims to supplant the Ministry of Economic Affairs and Digital Transformation (MINECO). And it is accompanied by an email with the subject:
«<Email-victim>, Dear, Your Invoice!”
In which they ask the victim to download an alleged invoice. By clicking on the link, you are redirected to a page where you request to download a .zip file containing malware.
Another of these campaigns aims to supplant the Administration Service of the Bank of Spain. The email distributed by this campaign is subject to: “transfer receipt”, where they ask the victim to download an alleged transfer receipt of a refund made to the victim. By clicking on the link, you are redirected to a page where you request to download a .zip file containing malware.
Never open links if you are not sure
In these campaigns, to carry out the deception, cybercriminals use the technique known as email spoofing, with which they try to make the victim believe that the sender of the email asks them to take some action.
But even if even the email seems valid and not an attempt to deceive you, always remember that if you receive any notification via email, you must access through the website of the service that makes said notification and not click on the links contained in the email . And if you are not sure, contact the entity’s customer service to make sure that the email you received is valid or a ‘fake’.