INCIBE warns of a new scam that tries to impersonate both the Tax Agency and the FNMT and that seeks to obtain our personal information. We tell you what it is about and how we should react if we are one of those affected.
Internet scams continue their unstoppable rise. Based mainly on identity theft techniques that ultimately seek to access personal information or bank details in order to steal our money.
The last one that has been detected, as INCIBE warns, is passed through the Mint and Stamp Factory (FNMT) and the Tax Agency (AEAT). Through an email system, it seeks to steal our data through a malware attack by interacting with the file attached to the email. In this case, their detection can be easier, since even the two issues they use to deceive the victims are known. Below, we tell you everything you need to know.
Be careful with your email
If you have received an email in the last few days on whose sender appears to be the AEAT or the FNMT, and you do not have to receive communications from either organization, it is recommended that you take extreme precautions. Since it could be the aforementioned scam.
In the event that you have not interacted with it, the recommendation that INCIBE offers us is that we mark it as spam and delete it from our email inbox. If possible, without opening it. But what is even more important, without downloading any attachments that the application has. Since the type of malware that has been detected does not come into action with the opening, but through the attachment file that we find inside.
On the other hand, if we have been affected by the scam, and we have downloaded some of the different attachments, INCIBE provides us with the following action protocol:
- Must delete downloaded attachment from both the downloads folder and the recycle bin.
- Besides, unplug the device from which you downloaded and disconnect it from the home network. In this way, we will prevent the virus from spreading to the rest of them.
- Make a analysis of your team with your computer’s antivirus to find out the possible scope of the threat. If you have finally been infected, format your computer or, failing that, restore factory settings. If we do not know how to do it independently, we must go to a specialist to carry out this process.
How to detect if it is a scam
If we are self-employed or have requested recently the digital certificate, It is likely that we have received several similar communications lately and we are tempted to interact with emails. Despite this, the National Cybersecurity Institute of Spain alert that the emails have writing errors: with a strange order in the way the information is displayed or poorly formulated expressions that can cause a certain alert when reading the email carefully, as shown by the organization itself in their website in this screenshot:
As we mentioned at the beginning of the article, one of the key aspects in this entire identification process is what is related to the subject. In both cases, these are the two issues detected: “AEAT – Notification Notice” or “Expiration of your FNMT Certificate”. In addition, we must also stop to look at the official logos, since in this scam attempt the official logos have been ignored. In case of doubt, it is advisable to consult both the AEAT and the FNMT to find out whether or not it is an official communication.
