We have detected a phishing email as if sent by the BCRA, with the following subject: “[IMPORTANT] information to members”
This email purports to be an email from the BCRA and is sent from email@example.com, an account that does not belong to the BCRA. BCRA’s email addresses have the following official domain: @bcra.gob.ar. It is worth pointing out that the BCRA does not request personal or banking data by email.
If you receive such email, we recommend you immediately remove it as it is a phishing attack, i.e., a deceptive email that pretends to be legitimate and is used to obtain banking and personal data.
They usually display some or all the following telltale signs:
1. Sender: unknown contacts or contacts purporting to be sent from the official domain of recognized organizations or individuals, usually misspelled.
2. Email address: even when it looks like a real address, generally, a letter may be added, deleted or replaced by a number. For example: hxxps://banco-central[.]xxxxxx[.]com/xxxxx (the right address is: https://bcra.gob.ar/).
3. Subject and content: usually phishing involves an unexpected email requesting immediate action or informing about imminent danger.
4. Links and attachments: the content usually redirects to links or requests data or downloading malware files known as virus.
Transcription of the fake email detected:
Date: August 8, 2020, 16:55:12 ART
Subject: [IMPORTANT] information to members.
We detected unusual activity on your cards.
Dear Client: firstname.lastname@example.org
The large number of cases of phishing attacks we have identified on the Internet led us to implement together with American Express (American Express Argentina S.A.), Visa (Grupo Prisma), and Mastercard (First Data Cono Sur), a data validation process to ensure the security of each transaction. It is a quick one-time process. Es un proceso rápido y que solo se llevará a cabo una vez.
Complete the security process here.
August 14, 2020.