2023-06-13 17:29:10
The theft of bank information has always been one of the main objectives of criminals on the Internet. Malicious campaigns in which they use emails or SMS to deceive the user are the order of the day. Now, caixabank has launched a publication alerting their customers about the combination of fraudulent text messages and calls to steal the victim’s data and access their online banking accounts. Obviously, posing as the entity on duty.
“In the fraudulent art of phishing, the most important thing is to be as persuasive as possible. Cybercriminals know that the more complex the attack, the more realistic it will appear to the victim and the easier it will be for the victim to fall into the trap,” they explain from Caixabank.
In the first phase of this type of scam, the user receives an SMS supposedly signed by Caixabank encouraging them to click on a link. To make it less suspicious, cybercriminals are able to trick your device into placing their fake message after the legitimate messages you have previously received from Caixabank, in the same SMS thread.
If you click on it, a fake website appears, which imitates that of the bank. Here the introduction of personal data such as the username, password and telephone number is requested.
If the user falls into the trap, and enters the information, they will end up receiving a call from the cybercriminal posing as a manager from Caixabank. To make it even more complicated, the fake number that appears on the screen is very similar or even the same as a legitimate one from the entity. By having all the data previously provided by the Internet user, the cybercriminal has it even easier to convince him that the communication is legitimate.
To avoid falling victim to this scam, you must be clear, first of all, that neither Caixabank nor any other bank will ask you never your personal data, telephone number or secret passwords access in this way. We recommend that you do not click directly on the links in the SMS. It is better to access the information that is offered through the app itself or the service’s website,” they point out from the bank.
“Although this fraud is more elaborate because it combines two attack routes to appear more legitimate, if you remember that Caixabank will never ask you to enter personal data, passwords or telephone number, you will easily know that it is a fraud. Therefore, paying close attention and common sense are and will always be your best allies,” they conclude from the entity.
#combine #SMS #fraudulent #calls #steal #money