The scams, either phishing, They are becoming more aggressive and difficult to detect. Due to the many data leaks that many websites have had lately, there is more and more of our personal information circulating on the Internet, available to anyone. This is why targeted and personalized attacks are becoming more and more common. If we also add to this the fact that pirates are increasingly making an effort to impersonate the entity of companies or banks to achieve their objective, we are facing scams, which are increasingly difficult to detect. And, at the minimum, we can lose everything.
This same weekend I received an SMS on the mobile worrying: someone had logged into my ING client area. And it hadn’t been me. SMS it came through the same number where the real notifications arrive from the bank, as well as the Bizum codes, therefore, there did not seem to be anything unusual.
Coincidentally, I have an ING account, so this is clearly a targeted attack. The message is in Spanish, although if we read it calmly we will realize that it is not as well written as it should be. Some punctuation marks are missing. But the most striking thing is the link. At first glance it looks like a real link, which takes us to the bank in question. But, if we look closely, the domain is not «ing.es» as it should be, but «ing.es-client.com«. Pirates have used the double domain trick.
Of course, we have gone to the web (something that should never be done) to see how the scam continued. Upon entering we have found a login website almost identical to that of ING. In it they ask us for the DNI and our date of birth, two data with which they can get what they want. Even break into our bank for real. At the bottom there are 2 links that don’t work. And, when entering any data (false, of course) on this page, nothing happens, we simply return to the same website over and over again. Although, yes, in the background what we have entered has been sent to a database controlled by pirates.
If you have fallen for the scam, you should take action as soon as possible. A timely complaint to the police, a notice to the bank, and a change of all passwords will help, when they try to use the information obtained, they can do nothing. And, if they do, you will be able to justify the theft and recover money.
The police warn: Banco Santander is also a victim of phishing
But ING customers aren’t the only ones under the watchful eye of hackers. As the National Police warns on social networks, users of the Santander Bank they are also receiving elaborate messages with which they try to steal their data. This time, they notice a problem with the credit card, and ask them to enter a link to solve it.
National Police
@police
❗ Notice of a problem with your card 💳
❗ Click on a suspicious link
❗ Misspelled
❗ Sense of immediacy
All these signs scream it’s #phishing ❗
#NoPiques https://t.co/qboRUCAyJI
October 02, 2022 • 17:56
The messages are usually poorly written, and the website they access does not correspond to the bank’s website (although, in the mail, it seems that it does). Common sense helps us avoid ending up in the clutches of pirates, something that is becoming more and more difficult to avoid.
