The impersonation of banking entities by cybercriminals is a fairly common practice today with the aim of stealing access credentials to online accounts. In recent days, Avast itself has launched a warning in this sense when detecting a new campaign that is aimed at CaixaBank customers, especially.
As reported by Avast through your usual channelstheir email tracking systems have achieved block more than 7000 attack attempts that were received in an email that supposedly came from la Caixa, starting this new campaign in July 2022.
THEFT OF DATA AND UNSOLICITED PACKAGES WHAT IS BRUSHING
Avast warns of a new spam campaign in La Caixa
As we mentioned, since July 2022, more than 7,000 attack attempts have been detected, according to Avast from the email addresses UAFE Mailbox “buzon.uafei@caixa-bank.com”, and UAFE Mailbox “buzon.uafe@caixa-bank.com”. But what is really interesting is that this is a smart campaign, as not all emails are sent abruptly on a given day. It is decided against to make shipments on specific days, detecting these peaks on July 21 and 26, and also on August 2, 2022. This prevents these emails from being blocked by the system when sending them in bulk.
These emails meet a common point: the subject highlights the word “UNPAID” so that it can attract the attention of users, and after a short text they are invited to download an attached file titled as liqefe096543.rar. In the event that someone clicks and it is believed that this file contains the unpaid debt that exists with La Caixa, a malware called Guloader.
This by itself will not do anything, since you will need install a spyware called AgentTesla that is capable of knowing at all times what you are doing with the computer. This means that it will be able to steal passwords from browsers, access your email, and even know the email of your contacts. And this is achieved thanks to the monitoring of all the keys that you are pressing almost in real time.
From Avast they remember that no bank is going to send you links via email and much less files to download on your computer. That is why it is advisable in these cases to eliminate this type of message immediately, and if you have doubts about its content, such as if you really have an unpaid debt, call your branch directly.