NEW WAVE OF MALICIOUS EMAILS IMPERSONATING THE MINISTRY OF HEALTH DETECTED

In these uncertain times due to the COVID-19 pandemic and the new State of Alarm imposed across the country, hackers do not stop for a minute and take advantage of this scenario to try to bypass the most important security barrier in a Computer System: THE USER. To this end, campaigns of fake emails are continuously detected, pretending to come from public or private organizations, aiming for the user to "take the bait" and download malware, or be redirected to a fake portal where their email credentials or banking data will be stolen.

On this occasion, a wave of mass mailings of these fake emails has been detected, pretending to come from the Ministry of Health, Consumer Affairs, and Social Welfare, with the subject "Urgent - CORONAVIRUS Information," and whose text in the body of the message proposes the download, via a link, of a document with the protocols to follow regarding the current coronavirus situation. The intention is for the user to be carried away by the urgency and importance of the topic and click on the link for the supposed document download, which actually downloads malware onto the victim's computer. In some cases, the file downloaded through the link has been detected with the name "rnh_Fichero_ES.zip," although the file name may vary in some instances.

SOFT LINE recommends that if you have received one of these emails, delete it immediately and notify the rest of the users in your organization to prevent anyone from falling for the scam. Remember that the user receiving the email, besides being the most important security barrier, is also the weakest and easiest to bypass. Therefore, it is crucial to raise awareness among all members of your organization to avoid opening emails from unknown or suspicious senders, especially unsolicited or unexpected messages.

Always inspect all the details of suspicious emails and check that they are written in proper Spanish, without inconsistencies or grammatical or spelling errors, and that when hovering the mouse over the proposed link, without clicking it, the destination shown matches the sender's website or a known and trusted site. And, as always, make sure to have antivirus security and a backup system that guarantees data restoration in case of loss due to infection or encryption.