The National Institute of Cybersecurity warns about a new phishing campaign that aims to steal users’ bank details.
Phishing has become the routine of the internet, receiving false emails that try to scam us is a reality that many of the owners of an email account have already faced more than once. The positive part of this persecution is that Internet users are increasingly aware and trained against these attacks.
Cybercriminals need to try harder and find new techniques To deceive their victims, they turn to well-known companies or special institutions to reinforce the sense of trust and security and to lower our guard. Correos, for example, is one of the most used, next to Google or Amazon.
An example of this is this new email that has detected the National Institute of Cybersecurity. This is a standard phishing scam, but pretty slick in detail and design. This makes deception more difficult to detect.
In the images provided by INCIBE, no errors are seen either in the subject of the email or in the body. The subject requests that we confirm payment of the shipping costs in order to send a package. For those who are not expecting anything, alerts will jump more easily. We should also suspect that couriers request to pay the costs of a shipment by email, when the usual thing is to take the package to the nearest offices and pay for the shipment there.
As is usual in this type of business, when you click on the button to confirm this supposed payment, a window opens in the browser where the bank details are requested. The web looks real, its design is quite similar to that of the post office, but it is not authentic.
INCIBE has hidden in the captures the address from which the email is sent and the url to which the button directs us, but these are usually very good clues to detect deception if they do not integrate real domains or are not secure websites that start with “https”.
The next step, after entering the bank details, is to include a code that should be sent to us by SMS to verify our identity. Of course, victims do not receive any SMS and Cybercriminals already have that person’s bank details and passwords in their possession.
“When the requested credentials are entered, it always returns an error, even if they are correct. In addition, if access with Digital Certificate or DNIe is clicked, it indicates that this functionality is disabled, and if an attempt is made to register a new user, it returns an error indicating that it should be tried later.“, they explain in INCIBE.
Whether or not an email or SMS is suspected, it is important verify the information before using any links or attachments in the message. You can enter the web browser of Correos or the company that is and look for the information on our own, before following the instructions in the mail.
If with all these precautions we believe we are the victims of some deception, it is important notify our bankto as soon as possible so that they help us avoid any movement of the account and change all the passwords and user names that we have similar in emails, social network profiles, other banks and other online subscriptions.