This is the “phishing” attack that impersonates the Government

Cyber ​​attacks are one of the main threats on the Internet, which do not stop infecting the network day after day, trying to get into any small security breach so that criminals can get hold of sensitive information or money from individuals, companies and even governments. So much so, that our country is the third in the world with the most cyber attacks on companies, since 94% of these have suffered a cybersecurity incident in the last year, according to a Deloitte study, which suggests that no one is at unless you fall into one of these traps.

One of the latest scams detected has been a “phishing” campaign -through the sending of fraudulent emails– that supplant the government using as a hook that there is an electronic notification of the supposed Cl@ve page.

In this sense, the user receives an email from the Government, whose sender is [email protected] and has the following subject: “Notice made available of new electronic notice.” The email address should set off the alarms of potential victims, since from the Twitter account @incloinfo they explain that the correct one is [email protected]without any hyphen and with the domain correo.gob.es. “In FALSE emails, links are provided to a simulated Cl@ve identification page, where they ask for your email and password,” they say in the tweet.

The following message appears in the body of this email: “We inform you that a new notification is available for [email protected] with NIF/NIE ***09**** as owner with the following data”. Although it is very similar to the information contained in the original email, it must be taken into account that the Government will always put the name and surname of the recipient and not the email.

Also, like every phishing scam, this email contains a couple of links that redirect the victim to the Unique Enabled Electronic Address (DEHÚ) of the General Access Point, however, these are false links to the Cl@ve access page to obtain your sensitive data.

After clicking on these links, the alleged Cl@ve access page appears on the victim’s computer screen, where the cybercriminals request the email address as well as the email password. Nevertheless, On the official page, to register the DNI/NIE is requested and never the email, and the Cl@ve password, not the email.