The sender is listed as ” Ministry of Labor ” and the subject reads: ” Urgent – Extrajudicial Work Process ” accompanied by a file number. However, as the National Cybersecurity Institute (Incibe) warns, it is not an official communication from a public body. It is a full-blown fraud .
The Incibe, dependent on the Ministry of Economy, has detected this massive campaign of fraudulent emails that seek to supplant the Ministry of Labor and Social Economy . However, its real function is not informative, but rather seeks to distribute malware on our computer .
The malware is an acronym formed from the English words malicious software ( malware , in Castilian) which has harmful effects on our computer, tablet or mobile phone.
In these scam emails , the recipient is informed that an out-of-court process related to his current employment situation has been opened .
A communication that, although totally false, can gain credibility due to the social context . Millions of workers are in a situation of erte and thousands of companies are expected to declare new erte due to the timid economic recovery and the collapse of tourism during the second quarter.
The fraudulent email contains a random file number that supposedly corresponds to the recipient . In addition, it has an attachment that, under the guise of a PDF document, downloads a compressed file in ZIP format that actually contains a Trojan horse .
A Trojan is an apparently harmless computer program (and usually disguised as another program or file) that allows a remote user to take control of the infected computer .
Once the victim has downloaded the file , their computer’s security is compromised . Criminals can freely roam your computer and access sensitive documents, files, or banking information on your computer.
WHAT TO DO IF YOU HAVE RECEIVED THIS EMAIL?
First you should check the sender’s email address. Although it says “Ministry of Labor”, these emails are not sent from an official government account . A good trick for this is to see the address behind the at sign and, if in doubt, check it with the actual addresses of said official body.
If you have received the email and have not opened it, you should delete the message immediately .
If you have opened the email but have not previewed or downloaded the attached PDF, you must also delete the email.
In case you have previewed and downloaded the PDF, you will have no choice but to do a complete scan of the entire computer with an antivirus and follow the instructions marked by it to eliminate the malware .
TIPS FROM THE INCIBE NOT TO BITE INTO THESE SCAMS
In addition to notifying about the problem, the Incibe provides a few tips on how to avoid itching in these types of emails .
You can see them in the following list:
Do not open emails from unknown users or that you have not requested: delete them directly.
Do not reply in any case to these emails.
Check the links before clicking, even if they are from known contacts.
Be wary of shortened links.
Be wary of attached files, even if they are from known contacts.
Always keep your operating system and antivirus updated. In the case of antivirus, check that it is active.
Make sure your employees’ user accounts use strong passwords and do not have administrator permissions.