As the pandemic progresses, hackers have found more and more opportunities to steal your personal information through e-mails that combine a “legitimate” look with people’s personal situations during this crisis. Don’t fall for it. Keep reading.
As we’ve covered in this space before, phishing is the practice of using legitimate looking e-mails to trick you into giving up your personal data, be it your passwords, bank account numbers, or any other useful data for hackers to either steal your money or sell it to other nefarious characters or groups. This is extremely common, as hackers attempt to steal your Apple ID or Paypal information or bank account. Most of those look exactly like the company e-mails, but as we’ve all smarted up to their scheme, they needed to find new e-mails to trick us.
We’ve seen the “Correos” or postal service “facturas” (invoices) before, but now, they’ve added all sorts of government agencies to their arsenals, and the number has been increasing exponentially. Here are some examples:
These are just some examples of these. We’ve blocked the images and only added where we knew the logos were, but the full versions look even better and more tempting. Some are better than others at fooling you, and though these are from Spain, they’ll include whichever country you’re located in. Most government e-mails aren’t pretty, and because of the information presented, depending on someone’s situation, they might easily fall for it and click. From there, a “legitimate” looking website will be happy to steal your information.
Some of these might seem harmless. They might only take your “address”, but when you consider that most of our private information is out there on the internet in some form or another, your “address” might be the missing piece of information for a hacker to piece all the parts together and have the data needed to empty your bank account. It might be as simple as stealing your identity to get some credit cards, destroying your credit in the process. They could even use your data to commit criminal acts or access illegal or nefarious websites.
Remember that, even if innocent, sometimes the mere appearance of guilt is enough to scar you forever.
Opportunists are always around and ready to take advantage of people, sometimes positively, but mostly negatively. Now, in these particular cases, most of the addresses hidden behind the buttons have been “.ru” addresses, which means they come from Russia, but we’ve seen them from lots of other countries as well.
Don’t let these criminal hackers take advantage of your personal, pandemic crisis, be it a fine for breaking curfew or not wearing a mask, or a late payment or defaulting of a loan, or other legal situation. Don’t let them fool you into giving them your data simply because you’re in a tough spot right now. Don’t fall for it, and in fact, you can fight back by reporting the e-mail to the company or agency they falsely claim to be or even to the police.
Most companies have a “report phishing e-mail”. Search for the company and the words “report phishing” and go to that company’s website and follow the instructions to report it. If it’s a fake government e-mail, you can report it to the “Guardia Civil” or your country’s police department. Most likely they’ll ask to “Forward as attachment” to a specific e-mail.
And remember: Don’t download the images, don’t click, most definitely DO NOT OPEN the attachments, and once reported, delete the e-mail and if you sent a report, the sent e-mail as well.
Good luck and stay safe online and off, during this pandemic and beyond.
