I had already discussed some phishing cases related to Telcel that sought to steal credit cards (here and here), today's is very similar but the objective of the attackers is directly infect users. It all starts with a fake mail that simulates being sent by the company, the excuse is a supposed service that will allow you to send free text messages from the computer:
Clicking on the link ends up in a fake site that contains the same information and starts downloading a Trojan named Telcel.exe (VT 11/42):
As we see, it is an attack that can easily be detected by ourcommon sense, because it is an unsolicited email with links that download an executable file, more suspicious than that there is nothing.
Although it is true that social engineering plays its role and at first glance one might believe that the promotion is legitimate, the ideal before carrying out any action of this type is to go to the official page of the company for more information or everything case consult the support.
The official page is www.telcel.com And they have several communication channels including Twitter, Facebook and even a chat help service that works every day.
Update: Another type of phishing that circulates loads a false page that requests the credit card, supposedly to recharge on the mobile. If the victim does not detect the deception, their data ends up in the attacker's hands:
Thank you @natorrantey Jose Luis for the submissions!