Alert! Back invoices that infect your PC with malware

[OyaYansa]

it carefully checks the emails in your inbox because the email campaign with attachments that infect your PC with malware has returned to the load. This is warned by the Office of Security of the Internet (OSI) of the National Institute of Cybersecurity (INCIBE), which points out that it is a similar attack to that happened in late August in which criminals deceive the victims into executing a document of malicious Excel.

According to the OSI report, the subject of this email is usually Invoice: FACV201700000577, although the last three digits may vary. The content of the message is extremely brief, and only reports that the requested invoice is sent by mail.

The message encloses a file called FACV00000-021.xls or similar, which when executed shows an incomplete display, as you can see in the image below. Cybercriminals do this on purpose, and even the document adds indications that it is necessary to enable the content to be able to correctly view the invoice.

In case the user clicks the button to enable editing, the installation of a Windows Trojan called Zbot, also known as Zeus, a malware that has been active for many years and of which there are multiple variants, will be carried out in the background. is specialized in the theft of bank data.

If you have received a message of this nature and you have fallen into the trap, analyze your computer with anti-virus software as soon as possible to disinfect it, and if you need to contact the INCIBE Response and Support service to help you. To avoid being a victim of such attacks, never download attachments from unsolicited emails and always be wary that the documents ask you to enable macros or leave the protected view.