The cybersecurity company Avast detected an active campaign of banking Trojans called “Casbaniero” directed at Mexicans; through emails of alleged digital tax receipts.
The company in charge of analyzing cyber threats detected that, since the beginning of July 2022, more than 15 thousand users were detected in Mexico who received a type of attack.
The new attack steals browser passwords, customer emails, clipboards, and website login credentials by detecting keystrokes made by the user while entering data.
It also steals information about the user’s computer and replaces crypto wallet addresses on the clipboard; Therefore, the main objectives are detected in the information and financial resources of the victims.
Mode of operation
The banking Trojan is spreading via emails from , which include a “digital tax receipt” (it has sent you a digital tax receipt).
The attached file is an HTML file called an “invoice” that leads to a web page. The webpage displays an image of an invoice with a download link below it.
When the link is opened, a file with a malicious script inside is downloaded. Once the file is clicked, the malware downloads and starts stealing information.
How to protect yourself?
Avast recommends having an antivirus. A solid antivirus tool from a reputable provider will automatically keep Trojans out of your device.
Choose one that works as a removal tool that can also detect and remove Trojans and other malware from your devices.
Do not open unknown email attachments or click on strange links. Fraudulent emails are a popular method of spreading
Don’t click on attachments or links in emails you don’t expect to receive; even if the email looks legitimate, it can be spoofed by a hacker.