Alert! The false fine of the DGT returns to infect your devices with malware
If you have received this fine from the DGT in your inbox, ignore it and delete the message as soon as possible. It is a malicious campaign to infect your devices with malware.
The National Cybersecurity Institute (INCIBE) has sounded the alarm: on its servers they have detected a new malicious campaign that impersonates the General Directorate of Traffic with the aim of infecting victims’ devices with malware.
Is about the false fine of the DGT, one of the most used strategies by cybercriminals to steal users’ personal and financial data, as well as to distribute malware.
On this occasion, the mechanics are similar to what we have seen on previous occasions. The victim receives an email informing them that they have an outstanding traffic ticket. According to INCIBE, the subject of the current campaign message is “Vehicle lock: fine not paid”, although it is not ruled out that criminals also use other similar issues.
As you can see on these lines, the email uses the official logos of the Ministry of the Interior and the DGT to be more credible. Nevertheless, the return address has no relationship with these agencies. The domains that are being used to carry out this campaign are finesdelministerio.es and finednopagada20, although it is possible that there are others as well.
The body of the message explains that there is a fine pending payment, and that to consult it you must click on a link that is included. Clicking on the link downloads a .zip file that supposedly contains the fine notification, but actually It is a file with malware that will infect your Windows computer if you run it.
It is important that you keep in mind that, in case you have a traffic ticket, the DGT will not send you a notification of these characteristics. For the traffic sanctions to reach you by email, first you have to register with the Electronic Road Directorate (DEV), and the official notifications do not have this aspect.
Therefore, whenever you receive an email of these characteristics, be suspicious and delete it, since it is a scam.