In recent weeks, the increase in fraudulent text messages from senders impersonating Correos has alerted the Internet User Security Office (OSI), which has focused on a specific type of scam: the ‘smishing’.
Criminals seek to take over bank details of the unsuspecting through requesting payment of fees to deliver packages. The SMS usually have a structure similar to this: «Dear customer, your package could not be delivered X day because the fees of X euros have not been paid. Click here to complete the payment and receive the package.
Next, the system redirects to a payment platform that imitates the colors and logos of Correos, the credit card details are entered (card number, expiration date and CVV) and, at the end, the PIN code is requested of the same: it is with this number that cyberthieves get hold of tall the data to enter the bank account of the unwary.
Tips to avoid ‘smishing’
The OSI gives some simple advice to avoid falling into these problems: when in doubt, delete the doubtful SMS and do not press any link.
If it is already too late for it, you have to contact the bank, block credit cards as soon as possible and proceed to make a formal complaint before the Police. It is recommended to take screenshots of the SMS, of the charges on the card, if any, and of the fraudulent website itself to attach them to the complaint.
If in doubt whether or not a fee should be paid to Correos, it is recommended to contact an office directly to check if there is any pending package in our name or use the notification verifier that they have on their website.
The increase in fraud such as ‘smishing’ or ‘phishing’ on these dates is normal. The exponential increase in online orders for Black Friday or Christmas means that many people are waiting to receive a package, something that scammers take advantage of.