Every month new attempts of what is known as phishing are detected, a scam in which cybercriminals pose as a totally legitimate entity in order to steal data from their victims or gain access to a device through a malicious app . As we say, these scam attempts are becoming more frequent, and a new one has been detected trying to impersonate one of the entities that suffers the most from this type of phishing. We tell you more about it.
As we say, the National Cybersecurity Institute of Spain (or INCIBE) is always warning the Spanish population of all these attempts in order to prevent anyone from falling into these traps. It is very important to be aware of these types of warnings, since most phishing attempts are quite successful, which makes it very difficult to differentiate the scam from the real service it impersonates.
Be careful with this postal service
This new scam detected by INCIBE focuses on an impersonation of the Correos prepaid service. With this it is possible to have a Mastercard card to be able to withdraw money or pay in any store, with the convenience of recharging it as we need it. In this case, the impersonation attempt is visible through Google, since if we search for “Prepaid Mail” in this search engine, the legitimate link will appear along with another sponsored one that is , in reality , a scam . You can see in the following image how this fake link appears.
By clicking on this link via Google, the victim is redirected to a fraudulent page that looks identical to the real page , hence it is truly a danger to users. It is important to point out that if we access this false link through the computer’s browser, the URL will take us to a news portal that changes with each access to said link.
We are going to find the real danger if we access through the mobile phone, since it will be from here when we will end up at the fraudulent link that we have mentioned a little above. On this website we will be asked for a series of personal and bank details, data that obviously if we enter will go to cybercriminals. In case of introducing them, the web will redirect us to an authentic domain so as not to raise suspicions.
Tips to avoid falling for these scams
As usual, INCIBE gives some fairly general advice to avoid falling for this type of scam. It is very important that if you have already accessed this link and have entered your bank credentials, you immediately contact your bank to report the situation. Of course, it is mandatory to change the passwords of your banking credentials . These are the tips that INCIBE gives to avoid falling into these and other fraud attempts:
- Never open links in SMS messages from users you do not know or have not requested: delete them immediately.
- Never reply to these types of messages.
- Be very careful when downloading attachments from emails, messaging apps or social networks, even if they come from contacts you know.
- Always have your operating system and your antivirus updated
- Always check the URL of the page you access carefully. If you do not have a security certificate or the domain does not correspond to the legitimate one, never give personal data or bank information.
- In case of doubt, consult the entity involved or contact the toll-free number for cybersecurity help.