Police scam alert: Fake emails target Spanish residents

Phishing campaign poses as Policía Nacional

by Lorraine Williamson
fake emails scam

A phishing campaign impersonating the Policía Nacional has been uncovered, aiming to distribute malware through fraudulent emails. These fake scam emails claim to be official notices regarding the recipient’s legal status and urge them to download malicious files.

The Instituto Nacional de Ciberseguridad (INCIBE) and the Oficina de Seguridad del Internauta (OSI) have issued a warning about this scam. Here’s what you need to know and how to protect yourself.

How the scam works

The scam begins with an email that appears to be from the Policía Nacional. It contains a subject line such as “Notificación oficial: Expediente 255XXXXXX”, suggesting urgency. The email asks recipients to click a link to download documents related to their case file, threatening legal action for inaction.

However, the link downloads a malware-laden file. Once opened, this file can compromise the user’s device, potentially leading to data theft or further cyberattacks.

Key red flags include:

  • Generic sender names like “correo_registro” instead of official Policía Nacional identifiers.
  • A lack of official logos and contact details.
  • Spoofed sender domains, such as addresses resembling @policia.es.

Steps to protect yourself

If you receive such an email, here’s what to do based on your level of interaction with it:

If you did not click the link

  • Report the email to the incident response team via your email provider or INCIBE’s helpline at 017.
  • Block the sender and delete the email immediately.

If you clicked the link but did not execute the downloaded file

  • Delete the file from your downloads folder.
  • Empty your recycle bin to ensure it’s completely removed.

If you executed the malicious file

  • Disconnect the affected device from your home network to prevent malware from spreading.
  • Run a full system scan using updated antivirus software.
  • If your device remains compromised, consider restoring it to factory settings. Ensure you back up important data regularly.

Reporting the incident

To assist in investigations:

  • Take screenshots of the email and any attached files.
  • File a report with Spanish authorities, such as the Policía Nacional.

You can also verify the legitimacy of any communication by contacting the Policía Nacional directly or consulting their official website.

Stay vigilant against phishing

This phishing campaign highlights the growing sophistication of cybercriminals. To stay protected:

  • Be cautious of unsolicited emails, especially those claiming to be from official organisations.
  • Avoid clicking links or downloading files from unverified sources.
  • Keep your devices updated with the latest antivirus software.

The INCIBE and OSI provide further guidance on recognising and handling cyber threats. 

If you have any problems related to this topic or any aspect of cybersecurity, do not hesitate to contact INCIBE’s Cybersecurity Helpline. You can get in touch for free by calling 017, or through their instant messaging platforms, such as WhatsApp (900 116 117) and Telegram (@INCIBE017).

By staying informed and vigilant, you can reduce the risk of falling victim to such scams.

Also read: Surge in cybercrime in Spain


You may also like