Thursday 12th August 2021 – XÀBIA AL DÍA with Mike Smith
The National Police has issued a statement warning of an elaborate form of bank fraud which combines the use of fake text messages which claim to be from the victim’s bank and followed up with telephone calls from alleged employees of the bank to convince the victim that the scam is real.
The scammers begin by sending an SMS to the victim’s mobile phone, apparently from their bank, with the following message: “Hemos detectado intentos de acceso sospechosos a su cuenta. Debe activar su sistema de seguridad web o bien su cuenta quedará bloqueada,” which, translated into English, warns the victim that suspicious activity had been detected in their bank account and that they must activate their online security system or the account will be blocked.
The messages may have some variations, but they always include a “helpful” link through which the victim can access their online banking system directly. However, the link actually directs the victim to a fake page which asks for their bank and personal details as well as the username and password of their online banking. In addition, the victim is advised that they would receive a telephone call for security check purposes.
Once all the data is in possession, the scammers call their victims posing as employees of the bank and, in some cases, the call may show a legitimate phone number of the bank to convince the victim that the call is “real”, although this is really a ‘mask’ that hides the phone number from that which is actually making the call.
The telephone call is used to confirm to the victim that there has been suspicious movements in their bank account and to resolve the situation and have the alleged fraudulent transactions returned, they are asked for the electronic signature keys which are usually used to access their online banking. As they speak, and it give greater credibility to the deception, the scammers issue a new SMS to inform of the alleged steps that they will be taking, or to pretend to transfer the calls to another department.
Using this elaborate process, the scammers gain full access to their victims’ online banking, making payments and transfers while maintaining communication with the victim from whom they requested the passwords and keys needed to authorize these operations.
The first rule is that passwords and personal data should never be provided through any channel. Banks and financial institutions can communicate with their customers in case any verification is required but they will never ask for passwords, bank details, etc. If you have any doubt about the authenticity of the call, it is better to hang up and call your bank’s usual contact number directly.
In addition, extra care must be taken with any SMS or emails that are received and special attention paid to the links that they may include because, in the case of scams like this one, they will never direct to the official website of the bank from which they claim to have been sent. Text messages usually contain misspelling or meaningless phrases.
In addition, you must be especially careful with the SMS or emails we receive and pay attention to the links they may include, as in cases of fraud it never redirects to the official website of the bank. In addition, these SMS usually contain misspellings or meaningless phrases.