New technologies are increasingly present in our day to day. There are few people who do not make purchases over the Internet or who do not check their social networks and email on a regular basis. Simple gestures that involuntarily leave traces of our personal data (passwords, bank details...) and that cybercriminals take advantage of to carry out all kinds of scams.
The alert has now been given by Social Security, which has detected a campaign of massive sending of text messages (SMS), where criminals try to impersonate the identity of the organization to get hold of the personal information of its users.
It is a fraudulent SMS in which you can read that the Tax Agency wants to return your money: "Tax Agency: you have qualified for a tax refund of an amount of 411.00". After that, it contains a link that, when followed by the victim, will download malware or lead to a page where data will be stolen, thus facilitating access to bank accounts. In fact, it includes a crossover of institutions, taking into account that it is sent on behalf of the General Treasury of Social Security... to later refer to the Tax Agency.
This type of SMS is common to impersonate different parcel shipping and receiving companies such as Correos, DHL and with the excuse of a package pending delivery, which direct their potential victims to fraudulent websites or applications.
In order to react to these messages, the National Police recommends paying attention when receiving a communication and not clicking on the links impulsively. These fraudulent emails can be identified since they usually meet a series of characteristics:
Given this, how can we protect ourselves from potential SMS fraud? The main councils go through reporting to the authorities at the slightest suspicion; Do not open links that require you to give personal data through the Internet, or download any file that makes us doubt its origin; contacting the sender you are trying to impersonate directly through their website and manually entering the real web address; and follow the two-step verification method through which the user is forced to enter a certain code, which arrives via SMS to the mobile, before accessing any personal account.
Computer criminals take advantage of the ease and tranquility with which we "offer" our personal data and trust what we believe are websites of public bodies or well-known companies.
Browsing the internet and carrying out operations does not have to be dangerous, you just have to be cautious and stop to think to whom we send our data.
