Image of what a computer hacker could look like.
Credit: Fam Veld/Shutterstock.com

Be aware that a new email scam is doing the rounds impersonating the two Spanish banks, Santander and BBVA.

ย 

Internet scams unfortunately are the order of the day. So much so that the Internet Security Office (OSI) has once again detected a new campaign involving a malicious email scam impersonating the identity of two Spanish banks, Santander and BBVA.

These emails have the usual suspicious files attached that pretend to be an invoice for a payment or a payment settlement. In reality, they are a Trojan-type malware which is being distributed.

In the case of Banco Santander, the email is sent by the user โ€˜[emailย protected]โ€™ โ€“ simulating an official Santander Group account. Its subject line is โ€˜Confirmation โ€“ Payment notificationโ€™, in order to capture the attention of the victim and ultimately spread the malware.

Image of Banco Santander scam email. Credit: OSI

The body of the mail informs the recipient that a payment settlement letter โ€“ a zipped file that is actually malware โ€“ is attached. โ€˜To gain the userโ€™s trust, it provides online security advice via a linkโ€™, the OSI explained.

These emails do not appear to have any spelling mistakes, although they lack the entityโ€™s logos and the format is very simple.

When checking the details of this supposed letter and unzipping the file, the name of the executable (.exe) file is usually a succession of numbers and letters such as โ€œ210909836-042205-sanlccjavap0003-3991.exeโ€.

In the case of BBVA, the email comes from the account โ€˜[emailย protected]โ€™ โ€“ again simulating an official bank account. The subject line is โ€˜BBVA-Confirming Facturas Pagadas al Mencimientoโ€™ (BBVA-Confirming Invoices Paid on Maturity).

Image of BBVA scam email. Credit: OSI

โ€˜The format of this e-mail address is very different from the one used by the bank. The domain has no connection with BBVA, which may give us a clue that it is not genuineโ€™, explained the OSI.

There are no spelling mistakes in the body of the mail, although, as in the previous case, it lacks the logo of the entity and the format is very simple. It talks about information related to โ€˜invoices paid on maturityโ€™ and attaches a compressed file, which supposedly contains the invoice.

This e-mail also tries to gain the userโ€™s trust through security advice. It reminds them which data should not be provided by this means, as well as using formal warnings that are common in many entities, which talk about the privacy and confidentiality of the attached data.

After downloading the malicious file and unzipping it, you will see a name like โ€˜InvoicesPaidOnDue.PDF.vbsโ€™ โ€“ although it may look like a PDF file at first glance, it is actually a Visual Basic script (code tool), as reported by larazon.es.

___________________________________________________________

Thank you for taking the time to read this article. Do remember to come back and checkย The Euro Weekly Newsย website for all your up-to-date local and international news stories and remember, you can also follow us onย Facebookย andย Instagram.

Found At: Spanish banks latest email invoice scam that is doing the rounds

Leave a comment

Leave a Reply