EFEMadrid Updated: Save Send news by mail electrónicoTu name *
Your email *
email *
The National Institute for Cybersecurity (Incibe) has detected a campaign of fraudulent emails impersonating the Labour Inspection and Social Security. The goal is for the user to download and open on your computer a Microsoft Excel file that contains a malware.
The attachment is actually a malware of type “keylogger”, that I could steal the access credentials for the services that use the company -e-mail, e-administration or e-banking – and that they are typed or copied to the clipboard, has informed this Friday the Incibe in a press release.
The scam e-mails identified use different domain names that spoof the Inspection of Labour and Social Security using a technique known as typo-squatting.
The senders identified follow the pattern “Work Inspection hh:mm xxx@itss.com” where hh:mm is the time in which it has been sent that e-mail, and xxx is a series of characters of the sender. The issue identified is “Official Complaint XXX , began an investigation against your company” company -where XXX is an alphanumeric code of between 6-7 characters-although it does not rule out the use of other different issues.
In the email, the user is informed that your company has been unable to adapt and respect the legislation in force with what has been reported. In the body of the message asks the victim to download an attachment to view these complaints.
This attachment is an excel spreadsheet with a macro to enable it downloads a trojan capable of stealing credentials of the computer of the user, as well as your browsing history, among other types of sensitive information.
To those who have downloaded and run the file, the Incibe advised to disconnect the device from the internal network of the company sa and to use an alternative. In addition, it is recommended to perform a scan with antivirus and follow the instructions marked by the same to remove the malware. You must also analyze the rest of the devices of the company with the antivirus.
Comments
