México.- ESET Latin America warned of a campaign of intimidation Mexico of email messages intended for users of the Tax Administration Service (SAT), which reaches the inbox of potential victims . 
in a statement, the company in proactive threat detection indicated that the fraudulent email prompts the user to regularize their tax situation, which is due to review an attached Word document (Informe_SAT.doc), the which will be downloaded from a website.
He explained that by doing so, the execution of macros or instructions that have already been programmed by the attacker, and that malware has been identified by security solutions will be allowed ESET as VBA / TrojanDownloader.Agent.ASR.
These macros, in turn, permit the downloading and execution of a second sample of malware, which itself has a PE (Portable Executable) format identified as Win32 /Neurevt.I.
therefore, ESET to check whether you trust the sender or publish the link, even if it relies on the platform, because if the link has been shared on the Intranet the company or a private group of WhatsApp no cause for concern.
in addition, ESET recommends question about the confidence you have in the link destination, because if you do not know, should not click on it and yes perform a web search and visit the web site through that route.
it also underlines that cybercriminals take advantage of any opportunity to make a user click on a link that leads them to a malicious web site, such as a natural disaster, Olympic Games or World Cup for phishing campaigns.
in the case of shortened links a cybercriminal can trim them using Bitly, goo.gl or any other service , in order for the user to rely on such a link as coming from a trusted source.
When combined with a real mail, adds ESET, the user might think that it is a legitimate message from a authentic or genuine user.
Based on the foregoing, ESET advises doubt emails inbox and use services like LongURL and cut CheckShortURL to restore to its original link.
No comments:
Post a Comment