![[Spain] Ad on dark web selling access to public payroll portal](http://gpa.net/cdn/shop/articles/bigstock-Phone-Data-Hack-Scam-Or-Fraud-469106461_1200x.jpg?v=1780464608)
Cybersecurity researchers have located an advertisement on a dark web cybercrime forum which offers access to a payroll portal linked to a Spanish public administration body, APD reports.
The post references active access to 371 accounts in a personnel management system and states that control would last for approximately two months.
The advertisement’s biggest red flags are reportedly not only the economic volume quoted, but the access the seller claims to have to payroll data. It details altering employees' bank details in a payroll system that would have managed more than €962,000 net through SEPA transfers in April.
The affected public body has yet to be identified, and the content has not been verified by independent sources.
The dark web ad describes access with permissions over workers' banking information. The fields the seller claims to be able to modify reportedly include the entity code, the branch code, the check digit, the account number, and the IBAN code.
According to APD, the inclusion of this detail makes the time of payroll payments the period of risk, because the advertised system is not limited to consulting internal information.
Source: APD
Cybersecurity researchers have located an advertisement on a dark web cybercrime forum which offers access to a payroll portal linked to a Spanish public administration body, APD reports.
The post references active access to 371 accounts in a personnel management system and states that control would last for approximately two months.
The advertisement’s biggest red flags are reportedly not only the economic volume quoted, but the access the seller claims to have to payroll data. It details altering employees' bank details in a payroll system that would have managed more than €962,000 net through SEPA transfers in April.
The affected public body has yet to be identified, and the content has not been verified by independent sources.
The dark web ad describes access with permissions over workers' banking information. The fields the seller claims to be able to modify reportedly include the entity code, the branch code, the check digit, the account number, and the IBAN code.
According to APD, the inclusion of this detail makes the time of payroll payments the period of risk, because the advertised system is not limited to consulting internal information.
Source: APD
