Last week we published a post on phishing attacks on COVID-19 and among tips for the detection of this type of attacks, we commented about a ransomware called NetWalker which has the capability of infecting users via Coronavirus phishing. 

Spain has been the main target of a banking Trojan called Ginp. Its purpose is to supplant the apps of Spanish banks in Android. The users may think they are using the bank's app, but they are actually providing their data to cyber criminals. Security experts have pointed out that although a numerous of phishing attacks have taken place during the pandemic, Ginp has been one of the first cases observed where a banking Trojan tries to operate during Covid-19.

But this is not the only recent case of cyber attack in Spain as a new smishing campaign has been detected. This campaign tries to supplant the Public Employment Service by communicating to the individual (via SMS) a temporary collective dismissal at their company and requesting banking information. All the victims of fraud who have provided personal and banking information should contact their bank to notify them about the situation and the information they have provided. As a general guideline, to avoid being a victim of this type of fraud, the Spanish National Cyber Security Institute has recommended the following:

  • Do not open links in SMS from unknown or unsolicited users.
  • If the message comes from a legitimate bank, it will never contain links to your login page. So be aware of this!
  • Do not answer these SMS under any circumstances.
  • Use caution when following links or downloading attachments in e-mails, WhatsApp messages, or social networks, even if they are from known contacts.
  • Keep your operating system and applications up to date.

For detailed information about how your organisation can implement effective cybersecurity measures, see our Cybersecurity Toolkit