The National Institute for Cybersecurity (Incibe) has reported that it has detected a campaign of emails that try to impersonate the Ministry of Economics and Business for the distribution of malware (malicious software).The fraudulent email is sent from an account that does not belong to the official domain of the Ministry under the subject “an Important Document of the Ministry of Economy and Enterprise”.is Not discarded that they may be sending other emails with other things like or even different.The content of the email corresponds to a document in which it informs the user about various issues of the electronic certificates.At the end of the email are invited to download more information by clicking on the button that takes the text “Find more important information” and, to do so, download a malicious file on the computer of the victim.If the user clicks on the button, this will download to your device a fichero Word that, when you open it, it asks you to enable macros (programs that run when you open the document), after which it displays a fake error message.The purpose of that error message is “to evade detection of malicious code by antivirus as well as other tools of detection of malicious code, which does not complete its execution until the user presses “Ok” in the pop-up message”.The Incibe advises those who have received a mail of these features and have followed the instructions in the same as that applicable to the disinfection of the computer for what it makes available to the user, a link with instructions in your web page.
— INCIBE (@INCIBE) November 8, 2019
If during the disinfection process, doubts arise or the user does not know how to do this, you can contact with the management team of incidents of Incibe-Cert, in which a technician will help you to solve the doubts.Reminds you of some guidelines to avoid becoming a victim of fraud, such as do not open emails user unknown neither respond to them nor send personal information and delete them directly.In addition, recommended to have caution when clicking on links and downloading files in email, SMS, messages on WhatsApp or on social networks, even if they are from known contact, and always be upgraded the operating system and antivirus.
Phoneia.com (November 12, 2019). Warn of fraudulent e-mails that spoof the identity of the Ministry of Economy and infect the computer. Recovered from https://phoneia.com/en/warn-of-fraudulent-e-mails-that-spoof-the-identity-of-the-ministry-of-economy-and-infect-the-computer/