'BBVA' Email Virus

The 'BBVA' email virus is a new attack campaign that targets customers of Banco Bilbao Vizcaya Argentaria, a Spanish-based bank with active offices in Spain, North America, Turkey, Romania and South America. It seems that a group of anonymous cybercriminals has decided to try and hijack the financial data of BBVA customers by targeting them with corrupted email messages. Often, hackers use emails to refer their targets to online phishing pages, but the 'BBVA' email virus works in a different manner – it delivers a 'ZIP attachment called 'Facturas Pagadas al Vencimiento.' This file is meant to trick the recipients into thinking that they have to review a new invoice that they probably were not expecting – many people are likely to open the file immediately, since they may be under the impression that a non-confirmed payment was made via their accounts. The email message is backed by the BBVA logo and usual email style, so it is clear that the crooks behind the 'BBVA' email virus have put a lot of effort into making their attack as elaborate as possible.

Agent Tesla is Delivered via BBVA Phishing Emails

The 'ZIP' file, however, does not contain a legitimate document and, instead, it is a self-extracting archive that will try and get the Agent Tesla infostealer to run on the victim's computer. Users who are not using sufficient anti-malware protection may not be alerted about the infection, and may never realize that they had become a victim of the 'BBVA' email virus.

It is important to add that the contents of the 'BBVA' email virus are written in Spanish, so it is safe to assume that Spanish and South American users will be the primary targets of this campaign. If you are a BBVA customer, you should be extra vigilant about suspicious emails coming from your bank. Furthermore, it is recommended to invest in an up-to-date anti-malware application that can offer additional protection against threats like Agent Tesla.