Some time ago, Joan received a call. The phone number of your bank branch.a man said from the other end of the phone. He claimed to be a bank employee. he called her to tell her Someone was trying to get 400 euros from his bank account and, to confirm it, he indicated Correct 20 digits of your account number.
did not doubt: They called him from there The number that I setthey knew all their information and, moreover, they were fully aware of Your bank account. After giving him this information, Joan, thinking it was her bank, invited him to do so A test to prevent the alleged robbery attempt from happening again.
During the same call, he told him this I had to check it out now that your service ‘Instant Money’ This worked, because it showed that loot The crime was committed after this service.
‘Instant money’: This is how the scam works
This new feature –‘Instant Money’- Allows any bank customer Authorize another person to withdraw money Immediately from the ATM. Anyone who has an account must do this Order a withdrawal from your bank application and write the telephone number of the person who will pick it up, by entering your number digital signature to confirm the identity. Once done, the authorized person You will receive a code From which the money is to be withdrawn.
That’s when Joan became suspicious: she had never heard of ‘instant money’ before I did not activate itBut followed the instructions. The alleged man from the bank told him that, to test, they would try to make one Simple Operation Through this service.
For “more security”, he had to do this Send money to yourself: He ordered the money to be withdrawn on your same phone number. There was no further scope for the test: without that code – which only Joan was supposed to receive – no one would be able to receive the money. But, with the call he urged them to say that Code received in SMS to “Check” Which was correct with the “data sent by the bank”.
A very recurring and dangerous scam
That time, Doubt Joan prevented him from revealing the code he had received via SMS, and wait. This is how he stopped the scammers, who were probably next to the ATM Waiting for Joan to give them the number she received via SMSThey will rob you. The next day Joan went to her bank office, where They confirmed it is a scam Very Recurring and dangerous.
Security patch: Gitlab fixes vulnerabilities in server versions‘Spoofing’: impersonating a bank’s identity
impersonate, In this case of a banking entity, deceiving victims and stealing is a form of scam called ,SpoofingBanking. He The National Cyber ​​Security Institute (Incibe) alerts on its website that “Detect telephone spoofing It can be hard, Since cyber criminals use Increasingly sophisticated techniques.
An example of this is this They may call from your bank’s phone number. This can be done in two ways:
The first includes Use a VOIP Service (Voice over Internet Protocol, for its acronym in English) that allows you to contact a recipient as if it were a telephone network call when in reality it is an internet communication.
There is another way Call from another numberBut Change the number displayed on the screen for the recipientSomething that the VoIP providers themselves can do, since they do not usually check if the customer owns the number they request.
How do they know your data?
The technique these cyber criminals use to make you trust them is I will give you some data which obviously no one can know without you knowing. they know you Name, surname, ID, telephone number (they call you directly) and, in Joanne’s case, you can too Bank account.
This information is usually obtained from Massive data breach who steal from big companies, but they can do that as well Buy from the black market. For example, in 2018, the company Facebook (now Meta) recognized him they were 30 million user data leaked due to pirate attack.This was a well-known case because of the size of the company, but it happens in many other companies.
It is also possible that the data You gave them yourself As Victim of deception ‘Phishing’, another type of scam that usually leads you to a link Where they ask for your information. If they don’t steal your money You may not feel guiltyBut they probably robbed you Data to use in another big scam.
Some tips and recommendations
He Incibaycollects on its web portal Some tips and recommendations What should we keep in mind to avoid these scams:
Unity game engine: unwanted runtime fees are finally off the table- If the person asks for personal data or confidential information over the phone You should be suspicious of: Banks or other companies They will never ask you for bank details or passwords Via phone. In fact, on the website of some institutions, e.g. Santander Bankhave already warned that they will never ask their customers to provide electronic banking credentials or any other sensitive information through any medium like SMS, phone calls or email.
- Imperative tone: They will always demand urgency with a sense of entitlement and demand to act quickly so that they don’t get time to think about what we are doing. If you notice this on a call, be suspicious.
- If you dial the number you can’t call back: If the call is disconnected and when you try to call that number back you don’t get through to the same person, it’s a scam. You will likely contact your actual bank and they will inform you that this identity doesn’t exist.
