affects the money in your account
CaixaBank users could be victims of a new scam. This time, the fraud has occurred through email. The cybersecurity company Avast has alerted about the system used by cybercriminals to defraud bank customers.
The main goal of internet scammers is to gain access to users' bank accounts. Therefore, one of the easiest ways to achieve this is through financial companies. Scammers impersonate banks to gain the trust of customers so they can steal from them.
CaixaBank was one of the last companies affected and, in this case, the fraud was carried out by email. The operation, also known as 'Malspam', consists of sending users malicious emails supposedly signed by the Catalan entity.
'Malspam': this is how the scam works through email
The practice of 'Malspam' is based on sending emails with fraudulent documents attached, called 'malwares' (in Catalan, malicious software). The emails are sent under the false signature of a trusted company to capture the attention of the scammed.
Cybercriminals use this tactic to infect scammed devices. In this way, they have remote control of the system and can carry out the relevant operations.
CaixaBank customers on alert for the new scam
CaixaBank is once again the victim of identity theft. This time, the scammers have used his image to defraud the clients of the Catalan bank through email. This has been exposed by Avast through a statement.
To carry out the attacks, cybercriminals use the sender "Buzón UAFE" and the addresses "email@example.com" and "firstname.lastname@example.org". Emails detected as fraudulent are sent with the subject UNPAID and have an attached document that, at first glance, looks like an invoice.
Clicking on the file, named “liqefe096543.rar”, automatically downloads a second file named “liqefe096543.exe”, a malicious virus known as Guloader.
Through this malware, hackers can access passwords, take screenshots, steal private information, and install other viruses. As often happens in these cases, scammers have easy access to the bank account and private data of the victims.
As detailed by Avast, these fraudulent emails usually contain a text message "vague and inconclusive to make the user doubt." This increases the chances that the victim will click on the attached file to find more information.
Avast has detected three avalanches of attacks
Avast warned of the scam through social networks last August. According to the internet security company, more than 7,000 email fraud attempts were prevented this summer.
In this sense, three avalanches of attacks were detected: July 21, July 26 and August 2. This is also part of the strategy. Scammers take the opportunity to send multiple emails in the same day so as not to arouse suspicion.
How to detect possible malicious emails?
The cybersecurity company exposes a series of recommendations to help users avoid falling for these attacks. According to Avast, in case of suspicion, it is best to directly block and delete the email and contact the company by phone or through its official website. In the same way, it is important not to open the links or attachments to prevent possible viruses from being executed.
In case you have clicked on any suspicious links or attachments, Avast advises to change your passwords immediately. Also, the company recommends scanning your device with an antivirus program to detect any threats.
Leave a Reply