A deceptive email was detected circulating in the name of the Central Bank of the Argentine Republic (BCRA) with the subject: “[IMPORTANT] notice to partners”
This message pretends to be issued by the BCRA from the mailbox xxxxx@bcra.com account that does not belong to this institution. The Central Bank’s email addresses always end with the official domain: @bcra.gob.ar. In addition, it is important to remember that the BCRA does not send emails to ask for personal or bank details.
If you receive this email, it is recommended to delete it immediately as it is a clear case of phishing, that is, a deceptive email that appears to be legitimate and is used to obtain personal and banking data.
How to recognize phishing cases ?
They usually have all or some of these characteristics:
1. Sender: these are unknown contacts or contacts that pretend to be recognized organizations or personalities, which are usually misspelled.
2. Email address: it may look similar to the real address but it is not exactly the same. A letter may be missing or superfluous or replaced by a number. For example: hxxps://banco-central[.]xxxxxx[.]com/xxxxx (the correct address is https://bcra.gob.ar/).
3. Subject and content: it is usually an unexpected email, about something urgent that requires immediate action or an imminent danger.
4. Links and attachments: content usually leads to links or asks to complete data or download files that contain malware or malicious programs commonly known as viruses.
Transcript of the text of the detected fake email:
From: Central<Bank xxxxxxx@bcra.com></xxxxxxx@bcra.com>
Date:August 8, 2020, 16:55:12 ART
Subject:[IMPORTANT] notice to partners.
We detect unusual activity on your cards.
Dear Customer: xxxxx@xxxxx.com
Due to the high number of frauds that occur on the Internet and of which our customers have been victims, together with American Express (American Express Argentina S.A.), Visa (Grupo Prisma), Mastercard (First Data Southern Cone), we have a data validation process that allows us to guarantee complete security in each of your transactions. It is a quick process and will only be carried out once.
Perform the security process here.
