If you receive a fine from the DGT in any of these ways, be careful, it is false
The National Police and the General Directorate of Traffic warn of a new phishing campaign in which criminals falsify fines in order to defraud the victims.
A traffic officer can issue a fine on the road, but there are other circumstances in which the penalty is notified days later without the person being aware of having committed an offense. This surprise and somewhat more confusing procedure is being used to fool some drivers.
The fine notice arrives via email, with the subject “Fine not paid” and on behalf of the Ministry of the Interior. Then, the body of the message tells the victim that an unpaid fine has been detected in their name and that they can access the notification from the link in the email.
As usual, the link directs the person to a fake website which imitates the DGT website, where automatically download a compressed file in .zip format that pretends to be a fine. However, it is a malicious file that compromises the security of the computer, allowing the cybercriminal to remotely access the infected device.
It is a phishing technique known as email spoofing, in which an attempt is made to impersonate the identity of a known sender, such as the DGT or large companies that the user usually trusts. Each time the file is downloaded again, it acquires a different name, but always within the same pattern of numbers and letters, MULTA_000000_XXX.zip.
The National Institute of Cybersecurity, INCIBE, collects all the information related to this new phishing scam and provides a series of tips to detect this and other similar scams. To begin with, it is important to know that the DGT does not notify any data or infraction by mail, it only uses certified mail or through the application and website where we must accredit ourselves with a digital certificate to see our personal data.
In any case, if any similar email with a link is received, You should never click on the links or download any attached file. It is much more advisable to access the official page of that supposed entity or company that sends the message through a foreign channel such as the browser and check the information there.
In the case of the DGT, it is simple thanks to its online service in which it is possible to consult personal data, fines paid or not, and other details. But never through an SMS or email. If you suspect that the message is false, it is advisable to contact the authorities to consult the procedure to follow and report the scam. INCIBE has a telephone line for these types of inquiries.