Cybercriminals are once again using deception techniques to infect their victims' devices and extract as much confidential information as possible. Their only purpose is to empty your pockets and make a good amount of money. Worst of all, the Grandoreiro malware, one of the most dangerous viruses currently in existence, is the protagonist of this new fraudulent email campaign. In the following lines we tell you how to protect your data.
Technology has evolved rapidly, and so have the hacker groups that orchestrate cyberattacks with increasingly sophisticated tricks. There is no doubt that we must stay alert even on vacation, since attackers do not rest on any day of the year.
In the last few hours, INCIBE (the National Cybersecurity Institute) has issued a statement to all citizens warning of the return of the well-known Grandoreiro malware, which is currently being used aggressively against the personal data of any user. In fact, several phishing campaigns that compromise your security and steal all your credentials have already been detected. What can you do about this dangerous situation?
Impersonation of energy companies
One of the main tricks scammers use to deceive their victims is impersonating well-known companies. On this occasion, a malware distribution campaign has been detected that uses emails impersonating Naturgy, Endesa and Iberdrola, three major Spanish corporations that have thousands of customers.
The body of the message refers to an alleged pending invoice attached in a .zip file, which is the centerpiece of this criminal activity. The message also claims an outstanding debt that must be paid as soon as possible to avoid penalties. Other notifications indicate that the invoice for the past month can now be downloaded.
If you click on the download link and then run the installer, it automatically injects a computer worm into computers and other devices to take control of them and begin to wreak havoc. This is none other than the dreaded Grandoreiro malware, which mainly affects bank accounts.
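A mail-triage check for the lure described above, added here as an example and not taken from INCIBE or from this article's sources: it flags messages that name Naturgy, Endesa or Iberdrola but come from another domain, and messages carrying a .zip attachment or a .zip download link. The domain allow-list, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumed allow-list of sender domains per brand; confirm each before relying on it.
BRAND_DOMAINS = {
    "naturgy": {"naturgy.es", "naturgy.com"},
    "endesa": {"endesa.com", "endesa.es"},
    "iberdrola": {"iberdrola.es", "iberdrola.com"},
}
ZIP_LINK = re.compile(r"https?://[^\s\"'<>]+\.zip\b", re.I)

def triage(raw):
    """Return the lure indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    claimed = f"{display} {msg.get('Subject', '')}".lower()
    findings = []
    for brand, domains in BRAND_DOMAINS.items():
        legit = any(domain == d or domain.endswith("." + d) for d in domains)
        if brand in claimed and not legit:  # brand is named, sender domain is not the brand's
            findings.append(f"brand-mismatch:{brand}:{domain}")
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(".zip"):
            findings.append(f"zip-attachment:{name}")
        elif part.get_content_type() in ("text/plain", "text/html"):
            if ZIP_LINK.search(part.get_content()):
                findings.append("zip-download-link")
    return findings

def sample(sender, subject, body, zip_name=None):
    """Build a constructed test message (not a real campaign sample)."""
    m = EmailMessage()
    m["From"], m["Subject"] = sender, subject
    m.set_content(body)
    if zip_name:
        m.add_attachment(b"PK\x05\x06" + b"\x00" * 18, maintype="application",
                         subtype="zip", filename=zip_name)
    return m.as_string()

if __name__ == "__main__":
    lure = sample("Endesa Facturas <cobros@endesa-pagos.example>",
                  "Factura pendiente", "Adjuntamos su factura.", "factura.zip")
    print(triage(lure))
```

An empty result does not prove a message is legitimate, because the From header can be forged; treat any finding as a reason to verify with the company directly.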
How to protect my privacy?
Three distinct scenarios can arise. If you have received an email like the one described above and have not opened the executable file in question, send the email to the spam folder and delete it permanently. If you have fallen into the trap and downloaded the attached file without running it, don't worry: you can send it directly to the trash and then right-click to empty the trash. The situation is more problematic if you have actually double-clicked the file.
In that case, follow this procedure:
- Disconnect your device from WiFi to prevent the malware from spreading to more devices.
- Run the antivirus to make sure that the malware is completely eliminated and no longer a threat.
- Collect screenshots and all other possible evidence to report the incident to the police.
- Always verify the information with the companies themselves. In this case, you can go to the websites or portals of Naturgy, Endesa and Iberdrola, or call them by phone.