It is proven that, no matter how much we want to flee from cyber attacks orchestrated by hacker groups, our confidential information is still at risk. During the last few hours, the alert has been raised about the intrusion of a new cyber threat that corrupts the data protection of Spanish users and, especially, university students. Security agencies have already gotten to work to warn of the damage it can cause and how to avoid it.
We live in an era in which we are not exempt from receiving fraudulent calls or malicious text messages in order to extract all the documentation necessary to profit. And the worst of all is that, in many cases, they manage to deceive us. Strange as it may seem, these types of deterrent maneuvers are becoming more and more frequent, so that social engineering strategies become the key point to collect all possible victims and extract data and privileged information.
In the matter at hand, the National Security Institute (INCIBE) begins to alert the entire population of a dangerous scam that is beginning to bear fruit with an impersonation of universities throughout Spain that you should ignore above all else. But how do you identify it and what steps to take to avoid falling into the trap?
How to detect email that impersonates universities
Like every year, in mid-September, the academic calendar of Spanish universities begins to give its starting signal to begin the new course. But a few months before, you must register to complete the prescription at the center where you are going to study the requested degree. It is at this precise moment when the attackers use their ingenuity to take advantage of the situation and cast doubt on their recipient, in this case, the university student.
Thus, cyber threat detection experts have intercepted a wave of fake emails posing as different universities in Spain. In the subject of the message, a mention of a pending tuition payment is clarified with the name of the faculty in question, and in the body of the notification an account number appears to which the relevant transfer must be made and, then, the proof to a specific email address.
The most affected universities are the Autonomous University of Madrid and the University of Valencia, but many others in Spanish territory could have been replaced. Be that as it may, the subjects of the emails are usually identified with the following alerts:
- University of the Basque Country Registration Pending Payment
- Universitat-de València Registration Pending Payment
- Pending Registration Payment
Steps to follow to avoid suspicious emails
INCIBE has offered the necessary keys to avoid at all costs any email that poses a danger to the data of all citizens. So if you are a university student and have received the fraudulent email, but have not responded, call your university center directly and report the situation. Then mark the email as spam and delete it from your inbox.
Likewise, if you have clicked and made the transfer or provided documentation of your credit cards and other personal information, quickly contact your bank to block all your accounts. Hopefully, they can stop the operation and get the money back. Likewise, you can always collect evidence to report it to the police at the nearest office, with screenshots of the entire process.
