From the National Cybersecurity Institute, warn that they have detected a massive campaign of sending fraudulent emails that try to impersonate the General Directorate of Traffic (DGT) with the purpose of disseminating malware.

This is not the first time that cybercriminals have tried to impersonate public bodies or companies known as Netflix, Amazon, etc.. It is a trick that is already well known to many of us but is still being used, abusing people's trust in these entities to get them to fall into fraud.

They commented that the purpose of the campaign was to spread malware identified as Trojan Downloader or Dropper, which is designed to take control of the victim's computer and allow the cybercriminal to steal personal data or even infect with another type of malware more specific to their evil plans.

In this campaign, an email is sent to the user impersonating the Ministry of the Interior with the subject “Unpaid fine. – [id 796422183]”. In the email message, the user is informed that they have an unpaid fine and that they can download the notification from the link in the email.

The link for our supposed fine information is shown in the text “Access to Electronic Office” and when you click on it, a window opens to download a zip file that simulates the fine, with the name:

< <MULTA(random numbers)_(random_characters).zip>>

This zip file is the vessel of bliss malware which will compromise the security of our computer, although, luckily, many browsers detect it as malicious file and notify the user.

If you have downloaded and executed the file, it is very important that you scan your entire computer with the antivirus or a specific anti-malware program and follow the instructions given to eliminate the virus from your PC.

Tips to avoid falling into this type of scam

No Open emails from unknown or unsolicited senders. You should delete them directly.
No reply to these emails
Before clicking… Check the links in the emails.
Always be wary of attached files, even if they are from known contacts.
Always keep the operating system and antivirus updated and, in the case of antivirus, check that it is active.
Review your employees' user accounts, check that they do not have administrator privileges and that their passwords are strong.

As a last tip, it is important to periodically make backup copies and place them in a different place, whether it is an external hard drive or in the cloud. Check its frequency and that you have the knowledge to recover it. In this way, we have a lifeline if by some chance we are affected by an attack against our system or our data.

Source: INCIBE

Subscribe to our newsletter to stay up to date with all the news

Name and surname *

Email *

*I give my express consent and accept the Privacy Policy.

EIP International Business School informs you that the data in this form will be processed by Mainjobs Internacional Educativa y Tecnológica, SA as the person responsible for this website. The purpose of collecting and processing personal data is to respond to the query made as well as to send information about the services of the data controller. Legitimation is the consent of the interested party.
You can exercise your rights of access, rectification, limitation and deletion of data in compliance@grupomainjobs.com as well as the right to file a claim with the supervisory authority. You can consult additional and detailed information on Data Protection in the Privacy Policy that you will find in our Web page