The WeTransfer link can give cybercriminals access to your devices

MADRID. – ESET has warned of a new way to spoof emails by sending emails allegedly from WeTransfer, which includes Fraudulent links.

Sending false court summonses has become one of the most widespread and used methods before cybercriminals To trick their victims into accessing their electronic devices.

ESET has discovered a method by which cybercriminals use criminal history, posing as a law firm, to send a series of malicious files via WeTransfer.

As explained on his blog by the Director of Research and Outreach of this company, Josep Albors, in the text of the letter, a series of links are provided to the alleged upload of files indicating legal action and infringement that he would have committed the victims.

Believing it to be a real file and caring, many of these people end up clicking on links that cybercriminals include in emails.

Once they click on these links, they are redirected to a web page that looks a lot like WeTransfer, a method already seen in November 2020, when several campaigns aimed at stealing credentials by installing malware were discovered.

Once on the supposedly legitimate web page, a login menu is displayed that users can confuse and enter their real credentials, both email address and password.

How to detect that the link is fake

  • First, the URL should be reviewed and checked if it matches the original.
  • The problem with fake web pages is that they look more complex each time, so many users consider them to be valid simply because they include HTTPS and have a security lock.
  • Check the domain registration history. If the website is new and it hasn’t been more than a month, it may indicate that the website is not secure, as it was created exclusively to serve as bait in this type of attack.
  • Another aspect that determines the alleged legitimacy of these web pages is the origin of their registration.

Harry D. Gonzalez