The Cyber ​​Defense Institute warns of fraudulent emails referring to a Covid ID

Based on the cases indicated so far, the apparent sender of the letters is the e-mail address covid.bizonyitvany@ugyfelkapu.gov.hu.

The National Institute for Cyber ​​Protection (NKI) has issued a warning about unsolicited e-mails containing a malicious attachment referring to a Covid ID.

In a warning published on its website on Wednesday, the NCA wrote that it had received several reports of “Trojan virus” emails attempting to deceive people by referring to the European Union’s “Covid certificate”.

Based on the cases indicated so far, the apparent sender of the letters is the e-mail address covid.bizonyitvany@ugyfelkapu.gov.hu, and the subject of the letter was “Covid vaccine digital certificate” – highlighted: the attachment of the letter contains a viral file, therefore, by no means open it.

In the letter, after opening the attachment, a compressed file containing a variant of the so-called Lokibot Trojan virus is downloaded to the “victim” device. These are primarily information-gathering spyware that, among other things, have the ability to monitor keystrokes.

The NCU recommends that no one ever click on links in e-mails that request the download of unknown files or the provision of login, personal or other information. In each case, you should search the official website of the company or organization concerned and check the authenticity of the received message by logging in there.

The reality of the message can also be verified through the contact details available on the official information surfaces of the company or organization concerned.

Phishing messages may include an attachment (such as a Microsoft Word document, a compressed file with an .iso or .pdf extension). These should not be opened or downloaded.

The NCA emphasized that if someone experiences an incident referring to phishing or has become a victim of fraud in connection with it, make an immediate report to the e-mail address csirt@nki.gov.hu ​​or via the website nki.gov.hu.

For phishing detection, it is recommended to check the NKI “Did your email come in? Think before you click!” infographics.