First it is an SMS apparently sent by a bank. Then a call from who claims to be an employee of this. And soon after, the money the victim had in their accounts disappears. The National Police has warned this Wednesday of the proliferation in the last two months of a new and sophisticated bank fraud that combines three forms of cyber fraud for the first time: phishing or creation of web pages similar to the real ones of a company or bank; the smising or sent fraudulent SMS messages and the vishing or phone calls to obtain confidential information.
The agents suspect that behind this wave there are several criminal groups, mostly made up of Spaniards and Moroccans, who at times even share their members and that each one can be made up of up to 40 people. The Central Cybercrime Unit currently has several investigations open, some of them with more than 500 known victims. “It is a classic scam in which criminals pretend to be a person or institution, but now they take advantage of new technologies to complete the deception,” explains Inspector Beatriz Gómez Hermosilla in a telephone conversation with EL PAÍS. research.
The first step of these criminal organizations is the massive sending of SMS to potential victims in which they are alerted that an alleged suspicious access to their bank account has been detected. “You must activate your web security system or your account will be blocked”, they urge the recipient in the message along with a link that they ask him to click to be supposedly redirected to the website of his financial institution. In reality, where the victim arrives is what in police jargon is known as mirror pageIn other words, a portal that reproduces the bank’s real website in all its details. Once in it, the plot requests the bank and personal data, as well as the username and password to access your bank on-line and a contact telephone number. To overcome the possible reluctance of the victims, the page informs them that, shortly, they will receive a call from an employee to carry out some security checks.
The telephone contact occurs, but in reality the one on the other end of the line is not a bank worker, but a member of the organization who, on occasions, masks the telephone number from which he calls with another that does corresponds to the bank lines. In the conversation, the criminal informs you about the supposed suspicious movements detected in your account and offers to resolve the situation by canceling them. To do so, it asks the victim to provide the electronic signature keys with which it operates.
During the conversation, and to give credibility to the deception, the plot sends new SMS to the victim’s mobile phone with the details of the steps it is supposedly carrying out and even transfers the call to what they claim to be other bank departments until they gain access. total to the personal credentials that the victim uses to operate in banking on-line. In the course of the conversation, the criminals begin to make transfers and payments, at the same time that they ask the scammed person to provide the one-time passwords sent by their financial institution to authorize them. Sometimes the criminal organization not only loots the accounts but also leaves it in Red numbers Taking advantage of the data obtained to request microcredits pre-granted by the entities to their clients without requirements.
The inspector Gómez Hermosilla details that the first cases of this sophisticated cyber scam were detected at the end of last year, although then the plots used as a hook supposed shipments of parcels from Correos or purchasing companies on-line like Amazon. “Now all financial entities are affected”, he adds. Behind these cybercrimes there is a complex criminal network with various levels and distribution of functions. According to the police officer, a part of the organization creates the web pages mirror, another is in charge of acquiring with false identities the telephone cards from which the calls will be made, other criminals in the organization make the calls and, finally, the so-called mules, people with limited resources who for a small amount of money are willing to open the accounts to which the funds are transferred in the first instance from the deposits of the scammed.
“Once in these accounts, the money begins to jump from account to account, often fragmented to make it difficult to follow their trail and with concepts as varied as” video game purchase “or” gift “to circumvent the controls of financial institutions, even that, on many occasions, ends up invested in cryptocurrencies, with the difficulty that this implies for its recovery, ”says the person in charge of the investigations. The police expert adds that these organizations get the phone numbers in the clandestine market for data of all kinds that exists in the so-called dark internet or dark web, in which they are also made with numbers of identity documents with which to be able to acquire the telephone cards with which to make the calls. Actually, that is the first rung of the new and sophisticated bank fraud detected.