The Central Information Security Brigade of the National Police has issued an alert about a recent wave of cyberattacks directed against Spanish architecture companies (but which “may expand to other sectors in the future”) through a ransomware campaign that they describe as “of high sophistication”.
This attack, which relies on spoofing, uses scam emails posing as Fotoprix, a well-known photographic company.
Cybercriminals send messages from a fake domain, “fotoprix.eu”, requesting quotes for renovations at their facilities. The sophistication of this strategy lies in the fact that the messages are extremely consistent and appear to be legitimate, which reduces the suspicions of the victims.
After several email exchanges, the attackers propose to set up a meeting to finalize the quote. However, before the meeting, they send the victims an attachment containing details about the alleged renovation.
When the victims download and run this file on their systems, the company's terminals are automatically encrypted, leaving them without access to their files and data.
Once the files are encrypted, the cybercriminals demand a ransom to unlock the data. Instructions for making the ransom payment are included in a text file that is copied to affected systems.
This extortion tactic is characteristic of other ransomware attacks, where attackers seek financial gain in exchange for restoring access to victims’ files.
The high level of sophistication of the campaign makes it difficult for victims to suspect the hoax until they have already been affected.
Tips to consider
The Central Cybercrime Unit of the National Police continues to work to track and contain this threat, but it is essential that companies remain vigilant and take proactive measures to protect themselves against these types of increasingly sophisticated cyberattacks.
Faced with this situation, the Police have developed the following basic recommendations to avoid being a victim of these attacks:
- Beware of unknown emails: Do not open e-mails from unknown senders or those that have not been previously requested.
- Avoid suspicious downloads: Do not download email attachments from unknown senders.
- Keep systems up to date: Always keep the operating system and antivirus software updated to mitigate possible vulnerabilities.
- Make backups: Make backup copies periodically and on independent systems, so that in the event of an attack the data can be recovered without the need to accept the payment of any ransom.
Via | Ministry of the Interior
Image | Marcos Merino through AI