⚠️Uzmanību! Finanšu ministrijas vārdā tiek sūtīti datorvīrusu saturoši ziņojumi: https://t.co/TyakIxnNEo— Finanšu ministrija (@Finmin) December 11, 2018
Latvia's cyber-defense agency, CERT.LV, said it was investigating the fraudulent emails, which invite recipients to make a "missed tax payment" as if on behalf of the Ministry of Finance with the designated sender's address [email protected] - not the real email address of the Ministry.
at a glance the email looks genuine - bearing the genuine state coat of arms, but the name of the ministry is given in English, even though the message itself is in Latvian only - which would not happen on any official document.
In any case, it is the State Revenue Service (VID) that is responsible for chasing up tax payments, not the central Finance Ministry.
The email begins with a slogan apparently lifted from a recent Finance Ministry advertising campaign saying "Money for the state budget is also your money!"
But the e-mail also contains some glaring Latvian grammar errors, suggesting whoever put it together was not a native speaker.
CERT.LV pointed to this fact as "one of the most important indications that this is not an official communication with a public authority, but an attempt at fraud."
A ZIP file attached to the email contains a PDF document. When you open this file, the computer is infected with a virus that collects passwords stored on the computer and may encrypt the files on the machine to request a ransom for file recovery.
"When receiving such an email, it should be ignored and avoid opening the attachment. When the attachment is opened, no user actions (document opening, program installation, dialog windows) are affected, but the computer is infected with malware," warned CERT.LV.
If the attachment is been opened, passwords for all resources and sites that were used on the machine should be changed and it should be scanned with antivirus software or put in the hands of a computer specialist.
"For additional resource protection, we recommend using two-factor authentication whenever possible. This will make it harder for strangers to access your data," advised CERT.LV, adding that at the end of the year computer users need to be especially vigilant.