CaixaBank's Urgent Alert to Thousands of Spaniards: Your Account Could Be Emptied

In an increasingly dangerous digital environment, CaixaBank has found it necessary to alert its customers about a scam that could jeopardize their bank accounts. The bank detected a new fraud a few months ago that uses the digital certificate from the Fábrica Nacional de Moneda y Timbre (FNMT).

This certificate is an essential tool that allows citizens to officially identify themselves in numerous online procedures. Taking advantage of its popularity, cybercriminals have launched a phishing campaign aimed at installing malware on victims' devices. A way to steal sensitive information and put their assets at risk.

CaixaBank Warns of Fraud Threatening the Security of Your Data

The new fraud is based on the sending of emails that appear to be sent by the FNMT. A particularly concerning type of attack at a time when the digitization of procedures and banking operations continues to increase in Spain.

The messages inform recipients that they have an attachment available for download. There, supposedly, is their digital certificate along with the NIF identification.

Additionally, victims are invited to access a URL to facilitate the document download. The reality is that these emails do not come from the FNMT. They have been manipulated by criminals using spoofing techniques, known as email spoofing, to make the sender appear legitimate.

The problem arises when the user, trusting the message, downloads and executes the attachment. Although the email announces the download of a document related to the digital certificate, the file is, in fact, a disguised executable.

This malicious program installs itself on the device without the user noticing. This allows cybercriminals to take control of it, steal personal data, and ultimately empty the bank account.

The threat of this fraud is not minor. If the victim executes the contaminated file, the malware infiltrates the system, exposing banking and personal information. Criminals can use this data to carry out fraudulent transactions, leaving the affected individuals with zero balances in their accounts.

How to Identify the Fraud and Protect Your Accounts

CaixaBank advises its customers to pay special attention to the details of any suspicious communication. It is essential to carefully verify the sender of the email. Criminals often use addresses that mimic the official FNMT domain.

Although the message may include a subject like "Availability of the FNMT-RCM Certificate," users should remember that the FNMT never sends attachments of this type nor requests access to external links to download their digital certificate.

CaixaBank recommends not opening attachments or following links that have not been previously requested and that come from dubious sources. The bank insists that, in case of any doubt, it is best to go directly to the official FNMT website or contact the bank to confirm the authenticity of the communication.

It is vital that customers remain alert and adopt preventive behavior to avoid falling into these traps that can compromise both their privacy and finances.