Today we are going to talk about phishing. We already know that financial institutions are a prime target for phishers. As malware evolves from an amateur hobby to a money making business, things have evolved a lot.

The phishing we are going to talk about doesn't target a financial institution, nor an e-Commerce site. It directly goes against the Spanish Internal Revenue Service, called "Agencia Tributaria". The scam goes like this, you receive an email that informs you that some taxes have been wrongly charged and that you are elligible for a refund of 90 €. Here is part of the email. It is written in Spanish. Bad Spanish indeed.

[Imageattachment] 

Of course to apply for it you have to enter your data in a web form, that for sure is located somewhere not related to real agency. So as always, be careful, and type the url of the site you want to visit.

Do not follow links from emails, it is much safer.