Yet another scam, and this one closer to home, personally, as I am with Caja Rural de Granada: there is a bogus SMS with a detrimental link circulating.
The Policía Nacional have posted a warning on their official Twitter account warning of this latest SMS scam.
The said SMS claims that your bank cards have been frozen and to reactivate them you have to click on a link… which is the last thing you should do!
The link takes you to a webpage where you are asked to enter your user number, DNI and password. Obviously, if you follow those instructions you are giving the fraudsters direct access to your bank account and you can kiss goodbye to whatever you have in it.
If you have fallen for it, contact your bank straight away. You should immediately change your password, before the crooks can do their damage – they will probably change it themselves and lock you out.
This kind of scam is known as phishing; i.e., fishing for your passwords, and other sensitive information.
On a related issue, you will often see on your facebook page ‘innocently’ asking if you have lost a dear pet and miss it. People will put in “my muffy” or “Spot” or something. Of course, many people use pet names as passwords. Others might ask “who is a 50s kid,” and somebody will come back with “Born August 52”. There’s even ones like, “join the first two letters of your first name to your mother’s last two letters.”
It’s all phishing and there is nothing innocent about it.
(News: Spain)
As a general rule of thumb, you should always use your own link to log into any online service, and that goes at least triple if money is involved.
Keep that link with your username and password and ALWAYS use your own link to login. If you use any sort of password manager (or an encrypted textfile), there’s usually space to store the link too.
Similarly, you should make a point of logging out of any financial services whenever you’ve finished using them, especially if you’re doing it on a phone.
It’s inconvenient, but it makes things a great deal harder for scammers. And it’s not as inconvenient as having your account plundered.
Paul: I received one from the BBVA but as I don’t bank with them, I knew it was a scam. There certainly are doing their Crimbo harvesting!
Hi Martin,
I received an SMS message yesterday claiming to be about my Santander Bank Account and inviting me to click on a link to confirm my account so there are obviously a few of these scams doing the rounds.
Crooks doing their Christmas shopping I guess!
I don’t bank with Santander so I knew it was bogus from the off.