Beware of computer attacks that take advantage of the Income 2022 campaign

The 2022 Income campaign has begun this week in Spain, opening the period of ‘reckoning’ with the Public Treasury. As has been the case in recent years at the beginning of the income statement period, malicious campaigns have been detected that try to impersonate the identity of the Tax Agency. Great care!

Identity theft is a malicious activity that has spread in recent years with the explosion in the use of mobile Internet, SMS, social networks and instant messaging apps. Basically, your goal is impersonate another person or digital entity. It must be said that some type of these campaigns are detected every week, but it is in media periods like the one at hand when criminals work most actively. The motivations are common and range from data theft to fraud and deception to obtain information or financial gain, through cyberbullying, extortion or grooming.

The Tax agency It is one of the organizations that receives the most identity theft attempts. Cybercriminals try to take advantage of the “terror” that the Treasury or a lack of response to its requirements causes any taxpayer. Or on the contrary, a communication of economic return or similar. Some are crude attempts, others are better prepared, and many users may fall for them.

Income 2022: malicious campaigns

As expected, attempts to impersonate the Treasury have increased in recent days and ESET warns of a phishing campaign with dissemination both by email and through text messages.

In the case of SMS, we are notified that there is a refund of our taxes that many users can interpret as the income statement to return. To request this refund, we are asked to access a link that they want to pass off as legitimate but that, if we only pay attention a little, we can verify that it has little to do with that of the real Tax Agency.

The message is suspicious, no, the following. But we keep stinging….

If you click on the link, it will send you to a website that does have a pretty good resemblance to the legitimate one, but the domain in which it is hosted has nothing to do with it. This fraudulent website tells us how to get the alleged refund, starting the process by pressing the button prepared by the criminals, which implies providing them with your credit card information. The rest you already know: they are going to loot you.

Recommendations: the usual ones

Prevention and prudence are the best antidote against these malicious campaigns that take advantage of different variants of phishing. If the bad guys use social engineering, we have to apply common sense. Unfortunately, these types of attacks are still highly effective as they only require a small portion of users to fall for their “bait” and “bite” to be profitable.

The recommendations are the usual ones against phishing and identity theft:

  • Be wary of any requirement that requires you to provide personal information.
  • Be very careful with supposed messages from official organizations: they are the most used to impersonate identities.
  • Do not open emails, SMS or messaging chats from unknown users or that you have not requested. Delete them directly.
  • Do not reply in any case to these emails.
  • DO NOT provide your personal or bank details (phone number, name, surname, address or email) on any page.
  • Carefully review links before clicking, even if they are from known contacts.
  • Be wary of shortened links.
  • Be wary of attachments, even if they are from known contacts.
  • Always keep your operating system and antivirus updated.
  • Use unique and complex passwords for each of your accounts and enable two-factor authentication whenever possible.

And a lot of prudence friend…. If you receive a notification from the Tax Agency or another government body, you must access ALWAYS through the electronic headquarters with a certificate or other secure authentication to verify notifications or notices. AND NEVER you must access it through the link contained in the body of the message, much less after downloading attachments commonly used to include malware.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *