be very careful with this new way of smiling that the Internet User Security Office is reporting, because taking into account how current the content of its false messages is, it could make you or a family member fall.
They impersonate the Treasury on the occasion of the 200 euros
At the beginning of the year the Government of Spain decided to launch a 200-euro grant to “respond to the consequences that the war in Ukraine is having on the Spanish economy and protect all citizens, especially the most vulnerable”. This measure, designed to support low-income families, has been seen by cybercriminals as a new opportunity to make mischief.
The receipt of a SMS that impersonates the Tax Agency and says the following:Tax Agency notifications: we have not been able to process the aid of 200 euros to your bank account. Due to lack of payment information, please update from here: [URL fraudulenta]».
Taking into account that the fact that thousands of requests have been made to the Treasury to process this aid adds legitimacy to the possible matter (much more than having a Nigerian ancestor who has left you his inheritance), is where the danger of this new scam lies. .
As usually happens in other cases of smishing (phishing via SMS), if you press the link takes you to a page that replaces the interface of the Treasury that it continues to maintain the feeling of credibility and that we are really carrying out a real procedure for the Tax Agency. You only have to see the image to see the resemblance between the real and the fake.
This fraudulent page is where the following information is requested through a form: full name, telephone number, address, zip code, card number, card expiration date, security code and card PIN. With these latest data, instead of paying you the aid, what is going to happen is that they are going to steal what they can from you.
Once completed and clicked on the Continue button, it will ask you to enter an SMS code received at the phone number provided, in order to complete the alleged refund. A text box is displayed to enter an SMS code received on the phone that was previously provided. After entering said code, it will redirect to the official page and the Tax Agency, so suspicions are not raised.
Tips and solutions to this case of smishing
From INCIBE they give us a series of recommendations to avoid falling into the trap from cybercriminals:
- Do not access messages from unknown users or that you have not requested, delete them directly.
- Do not reply to these SMS at any time.
- have be careful when clicking on linkseven if they are from known contacts.
- If the SMS has a link and it redirects you to download an app, do not download it in any case. Applications sent via SMS link are usually infected by any malware.
- If you have any doubts, consult directly with the entity involved through its official channels.
Yes, unfortunately already Have you fallen for such a scam?the steps to follow should be the following, also according to the National Institute of Cybersecurity:
- Contact your bank immediately to report what has happened and cancel any transactions that may have been made.
- If you have also provided personal data, such as your phone number or email, stay tuned and check that you are not subject to another type of fraud by these means or that they do not impersonate you.
- You can also report this situation to the State Security Forces and Bodies (FCSE).