Be careful when you receive an email from Endesa: it’s a false invoice with a Trojan that will steal your bank details

if it came to you an Endesa invoice By email, this is probably the scam that researchers from cyber security company ESET Estaña have detected. Computer criminals have impersonated company identities to try to defraud large numbers of users.

While experts often recommend that we pay attention to misspellings, corporate image and consistency of what is said, the latest scams show that cyber criminals have become more experienced and better at duplicating companies. In the case of the scam that Endesa uses as bait, it stands out for using valid logoThe corporate colors And a Very Similar Invoice Template a la the original.

The fact that the email looks so much like what Endesa could send makes it easy for someone to fall for the hoax. The message contains a link that redirects the user to download a compressed (.zip) file From servers controlled by hackers.

When you unzip the file, it weighs in at 278.6MB.
When you unzip the file, it weighs in at 278.6MB.
ESET Spain

The name of the file is ‘EndesaFactur’ followed by a number which weighs in at 4.9 megabytes. When unzipping it, users will have a 278.6MB file And inside it hides malware, possibly from the Grandoreiro family of banking Trojans, according to ESET.

Passwords should not be reused on different platforms.

Users who are aware of the number of megabytes should already be suspicious, however, some people do not see what the files occupy before opening them. Too, File format is also not common On these invoices (.msi).

Cyber ​​criminals display a loading animation on the screen when the malware is launched, indicating that the file is being loaded. Trojan will be enabled after install access bank information As soon as the victim opens his account from the web.

Sign up for our newsletter and get the latest technology news delivered to your inbox.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button