if it came to you an Endesa invoice By email, this is probably the scam that researchers from cyber security company ESET Estaña have detected. Computer criminals have impersonated company identities to try to defraud large numbers of users.
While experts often recommend that we pay attention to misspellings, corporate image and consistency of what is said, the latest scams show that cyber criminals have become more experienced and better at duplicating companies. In the case of the scam that Endesa uses as bait, it stands out for using valid logoThe corporate colors And a Very Similar Invoice Template a la the original.
The fact that the email looks so much like what Endesa could send makes it easy for someone to fall for the hoax. The message contains a link that redirects the user to download a compressed (.zip) file From servers controlled by hackers.
The name of the file is ‘EndesaFactur’ followed by a number which weighs in at 4.9 megabytes. When unzipping it, users will have a 278.6MB file And inside it hides malware, possibly from the Grandoreiro family of banking Trojans, according to ESET.
Users who are aware of the number of megabytes should already be suspicious, however, some people do not see what the files occupy before opening them. Too, File format is also not common On these invoices (.msi).
Cyber criminals display a loading animation on the screen when the malware is launched, indicating that the file is being loaded. Trojan will be enabled after install access bank information As soon as the victim opens his account from the web.
Sign up for our newsletter and get the latest technology news delivered to your inbox.