ESET Latin America detected a fake email campaign in Mexico that is circulating mainly among residents of the capital, posing as the local government.
ESET Latin America detected a fake email campaign in Mexico that is circulating mainly among residents of the metropolitan area of the capital; it is a copy of a text message issued by the local government where the victim is induced to pay a fine, a deception known as phishing.
Phishing is “a social engineering technique in which the victim is tricked into revealing sensitive data, such as financial and personal information, which will then be used by cybercriminals to commit scams,” says the cybersecurity software company.
Also, part of the deception is the sense of urgency they indicate in their message; for example, when they mention that there is a court summons or a fine to pay, something to watch out for since it is increasingly common for criminals to use Artificial Intelligence (AI).
The use of this technology improves the writing and communication of messages, which makes the victim fall for a deception that turns out to be convincing.
Development of the scam
Cybercriminals send text messages to victims, asking them to pay a fine in less than 24 hours to avoid a surcharge:
Text message (SMS) that arrives with a suspicious link. Photo: Courtesy of ESET Latin America
After they contact the victim by text message and open the link, the following page is displayed:
Fake site that impersonates the Secretariat of Administration and Finance of Mexico City. Photo: Courtesy of ESET Latin America
In the “Debt Inquiry” section, the license plate number will be requested and when clicking on “Search”, the legend will appear that a validation would be done in their Database; At this point, the victim begins to enter personal information that is provided to cybercriminals:
Fake site asks for license plate information and sends the entered data to a supposed validation. Photo: Courtesy of ESET Latin America
This is followed by a screen with the supposed “Penalties to pay” where the license plate number entered is displayed; the cost of the supposed fine can be seen and how much would be paid at the time, with a discount included, and then an apparent validation is performed again:
Fake site informs of a supposed discount if paid at the time. By clicking on “continue”, it sends the entered data to a supposed validation. Photo: Courtesy of ESET Latin America
The victim is directed to a form where personal data is requested that is used for future scams. Once filled out, the victim clicks on the “Continue” button and a form appears where financial data is requested in order to pay the fine:
Supposed form to confirm data. By clicking on “continue”, it sends the victim to the form where financial information is entered. English:Photo: Courtesy of ESET Latin America
But, even if the payment request is sent, the “Please wait a moment” message appears again and the process continues; at this point, the victim’s personal data has already been obtained.
It should also be noted that the links on the rest of the page do not work, so they are only decorative with the intention of improving the deception.
Don’t fall into the trap!
When you receive this type of message, follow these instructions:
Verify the source of the message and carefully review the URL of the link.
Do not share personal information and if in doubt, better visit the official website, in this case, of the Secretariat of Administration and Finance of CDMX, or the one indicated in the message.
Look for warning signs such as spelling mistakes, grammatical errors, generic greetings and texts with a sense of urgency.
Enable two-step authentication on your accounts to add more security.
Update your software and security tools, as they usually include patches that protect against vulnerabilities.
Source: eleconomista
