The link that comes with the message redirects you to a URL that automatically downloads a ZIP file, which if we unzip it will extract all our banking information
The General Directorate of Traffic (DGT) has warned on social networks about a new case of ‘phishing’, or fraud via the internet. There is a campaign that suppresses their identity, in which
reports an unpaid fine. In that email, the user is asked to fill out a form and send it to a mailbox. The message appears to have no spelling or writing errors, making it more difficult to identify as fraudulent.
However, the link attached to the message redirects you to a URL that automatically downloads a ZIP file that, if we unpack it, will infect the computer, for example. It may look like a text format such as an invoice or document (PDF or DOC), but it is a Windows executable file (MSI or EXE) that when activated
pulls out all our bank details of the electronic device we have used.
In particular, it is Trojan horse malware that is characterized by extracting banking information. There are several variants, but one of the most common features is that this trojan allows cyber criminals to perform actions such as manipulating windows, recording keystrokes, and obtaining addresses from the victim’s browser.
Thus, the DGT insists that if an email is received from the Infringement Administration, from the address ‘multas@cobra01.accesscam.org’, the user knows that this address has no relation to the DGT’s official domain.
The Internet User Security Office explains that if you received the fraudulent email, clicked the “Download Invoice” option and downloaded the file, but did not run it, under no circumstances should you reply to the email since cyber criminals could contact that mailbox again. Delete the downloaded file and mark the received mail as spam.
Otherwise, once you have run the downloaded file, isolate the device from the network you are connected to so that the possible infection does not spread to other devices. Run a full scan with your antivirus and proceed to disinfect it. When in doubt, consider factory resetting the device to ensure it is completely erased (it is advisable to back up any information you want to keep).
It also takes screenshots and saves email and communication related to the case in order to have evidence of fraud and thus file a complaint with the state security forces and organs.
Finally, and to get evidence certifying domain content, you can use online witnesses. In this case, the DGT provides a citizen service telephone number, 060.
Source: La Verdad
I am Mary Fitzgerald, a professional journalist and author of the Today Times Live. My specialty is in writing and reporting on technology-related topics. I have spent the last seven years extensively researching and understanding the field of technology so I can properly inform my readers about developments in this ever-evolving world.
