MADRID. – ESET has warned of a new way to spoof email based on sending emails purportedly from WeTransfer, which includes Fraudulent links.

Sending false summons to court has become one of the most widespread and used methods before cyber criminals To trick their victims into accessing their electronic devices.

ESET has discovered a method by which cybercriminals use court history, posing as a law firm, to send a series of malware files via WeTransfer.

As explained on his blog by the Director of Research and Awareness of this company, Josep Albors, in the text of the letter, a series of links are provided to the alleged download of files indicating a judicial action and a violation allegedly committed by him the victims.

Believing it to be a real file and being concerned about it, many of these people end up clicking on links that cybercriminals include in emails.

Once they click on those links, they are redirected to a web page that looks very similar to WeTransfer, a method already observed in November 2020, when several campaigns aimed at stealing credentials by installing malware were discovered.

Once on the supposedly legitimate webpage, a login menu is displayed that users can confuse and enter their real credentials, both email address and password.

How to detect that the link is fake

• First of all, the URL should be reviewed and checked if it matches the original.
• The problem with fake web pages is that they present a more complex look each time, so many users consider them valid simply because they include HTTPS and have a security lock.
• Check the domain registration history. If the website is new, and it has not been more than a month, this may indicate that the website is not secure, as it was created exclusively to act as a bait in this type of attack.
• Another aspect that determines the supposed legitimacy of these web pages is the origin of their registration.