Malware: If you are not a Vodafone user, this news is of no interest, although if you are, or if you know someone who is, it may well serve you: As INCIBE, the National Cybersecurity Institute, has discovered, there is a Phishing campaign underway that seeks to use the corporate image of Vodafone for its purposes, in this case the introduction of malware.
Beware of fake Vodafone email
In this campaign, an email is sent to the user with the subject “My Vodafone – (your email address), vodafone customer, your invoice is overdue, pay now and avoid a fine ID- 26196”. In the body of the message, the user is informed that an unpaid invoice has been detected and that they can download it from two links that appear in the email.
The links show the texts: “View in PDF format” and “View in VBS format” respectively, and both lead to the download of a compressed file in .zip format that pretends to be the invoice and contains malware. If you pick and try to open it, your device will be infected.
According to INCIBE, it is recommended to verify that the sender of the email matches the company that supposedly sends it, paying special attention to the addresses that appear in the navigation bar after clicking on the links.
In addition, before providing any personal or banking information through a link, it is preferable to “go directly to the legitimate website of Vodafone Spain, verifying that it uses secure communication channels (https) and its certificate is correct, to later confirm possible notifications or in case of doubt, contact them by phone ”.
If you contact Vodafone, they will confirm that this email is false. If, on the other hand, you have accessed the customer area through the link provided, immediately contact Vodafone Spain to inform them of the situation. Collect all the evidence you have (screenshots, e-mail, messages, etc.) and contact the State Security Forces (FCSE) to file a complaint.