Bank Security | Phishing Email Pretending to be from the BCRA

BCRA phishing

We have detected a phishing email as if sent by the BCRA, with the following subject: “[IMPORTANT] information to members”

This email purports to be an email from the BCRA and is sent from xxxxx@bcra.com, an account that does not belong to the BCRA. BCRA’s email addresses have the following official domain: @bcra.gob.ar. It is worth pointing out that the BCRA does not request personal or banking data by email.

If you receive such email, we recommend you immediately remove it as it is a phishing attack, i.e., a deceptive email that pretends to be legitimate and is used to obtain banking and personal data.

How to Recognize Phishing Attacks?

They usually display some or all the following telltale signs:

1. Sender: unknown contacts or contacts purporting to be sent from the official domain of recognized organizations or individuals, usually misspelled.

2. Email address: even when it looks like a real address, generally, a letter may be added, deleted or replaced by a number. For example: hxxps://banco-central[.]xxxxxx[.]com/xxxxx (the right address is: https://bcra.gob.ar/).

3. Subject and content: usually phishing involves an unexpected email requesting immediate action or informing about imminent danger.

4. Links and attachments: the content usually redirects to links or requests data or downloading malware files known as virus.

Transcription of the fake email detected:

From: BCRA

Date: August 8, 2020, 16:55:12 ART

Subject: [IMPORTANT] information to members.

We detected unusual activity on your cards.

Dear Client: xxxxx@xxxxx.com

The large number of cases of phishing attacks we have identified on the Internet led us to implement together with American Express (American Express Argentina S.A.), Visa (Grupo Prisma), and Mastercard (First Data Cono Sur), a data validation process to ensure the security of each transaction. It is a quick one-time process. Es un proceso rápido y que solo se llevará a cabo una vez.

Complete the security process here.

BCRA phishing

August 14, 2020.

Compartilo en Facebook   Compartilo en Twitter    Compartilo en Linkedin    Compartilo en WhatsApp