Prevention on the Net
The National Police warns of a “smishing” campaign that impersonates Correos
It is a cyber attack in which the victim receives a short text message -SMS- that includes a link to install an application that pretends to be the official of the entity
If the download is accepted, remote access software will also be surreptitiously installed that can give attackers virtual total control over the affected device
In addition, the installed malware will access the victim's phone book and send similar messages to all contacts in order to maximize its spread.
The National Police recommends not downloading applications from unofficial markets and, in the case of having the malware installed, restoring the device from the factory for removal due to the difficulty of uninstalling
15-January-2021.- The National Police, within its continuous cyberpatrol on the Internet, has recently detected a “smishing” campaign that impersonates Correos. Specifically, the cyberattack is carried out through a short text message -SMS- that the victim receives on his device and that includes a link to install an apk application that appears to be the official of the entity.
Once the victim accepts the download, in addition to the aforementioned simulated apk, remote access software will be surreptitiously installed which, in the first instance, will request the permissions to receive, read and modify SMS.
After analyzing the malware, the agents have detected that it has a tremendous damaging potential with the ability to access the address book and send analog messages to all contacts to maximize its spread, in addition to being able to grant attackers virtual total control over the infected device . The SMS of origin come from Spanish mobile numbers, and that the link to download the apk has a similar appearance to that of the Post Office, without corresponding to its official domain.
The National Police recommends not downloading applications from unofficial markets and acting with caution when managing access permits, always acting with common sense. In addition, it is recommended to victims of detected malicious software that, given its difficulty in uninstalling it, it is necessary to factory reset the device to proceed with its complete removal.