Kaspersky has detected a new phishing campaign that, through fraudulent emails, impersonates the identity of the Revenue Agency, inviting users to file a declaration or make a pending payment of income tax.
The emails usually have the title 'Judicial Blocking - Suspended Bank Account' or 'Payment Reminder' and contain different types of links that allow the user to click and download malware to their device. To do this, cybercriminals use different arguments: a tax receipt or an invoice with the amount to be paid is attached. The sender's address contains the government domain »gob.es«, which can be easily falsified.
According to Dani Creus, Senior Security Analyst for Kaspersky's research and analysis team (GReAT), “Phishing is and will continue to be a major vector of initial infection. The number of attacks is constantly growing. We urge all users to exercise utmost care and be cautious in detecting these emails of suspicious origin. Falling into the trap of this type of scam opens the door to various malicious operations, from the theft of money to putting corporate networks at risk, if done by corporate email "
To avoid being a victim of phishing, it is important to consider a number of preventative measures:
- Apply caution, including in messages from official bodies. It's not that difficult to create a fake letter that looks real.
- Pay attention to the text of the message. Companies or recognized official bodies do not send emails with an incorrect format, grammar or spelling errors.
- Don't open attachments or click links in delivery service emails, especially if the sender insists. It is preferable to go to the official website and log in from there.
- Use a reliable security solution like Kaspersky Security Cloud, which identifies malicious attachments and blocks websites for phishing.