- S2 Grupo has warned that this is one of the most common methods used by cybercriminals to steal money in recent months.
- To carry out these telephone-type cyber scams, criminals obtain personal data mainly through pages for sale or exchange of articles or through Social Networks.
Valencia, October 19, 2020.- Faced with the increase in cases of “vishing” cybercrimes in recent months, experts from the Valencian company S2 Grupo, specialized in cybersecurity and critical systems management, have established six keys that will help us to protect ourselves and avoid falling into cybercrime networks.
Vishing consists of scams made through phone calls to obtain money. It has been called vishing because of its similarity to the well-known “phishing”. These are cybercriminals who want to gain the trust of the interlocutor by making him believe that they are employees of an important company or entity such as the telephone company or public health system, for example. To give more credibility to the message, they give personal data (contact number, locations, etc.) that they obtain on Social Networks and exchange or sale websites, such as Milanancios or Wallapop. Then, through different mechanisms, they manage to obtain money from these people illicitly.
“With the Covid crisis there are more families with really complicated financial situations and this vulnerability is being exploited by attackers. This summer, for example, the vishing related to Social Security was uncovered in which they made believe that they were going to make a refund of 300 euros via Bizum so that it would arrive as soon as possible and the interlocutor instead of collecting, what he was actually doing was paying that amount”, explained José Rosell, managing partner of S2 Grupo.
“When the offender hung up, he was sending a collection request to that person instead of a payment request. This generated confusion and together with the inexperience of many users with the system or simply because they were too hasty, they accepted this collection, without realizing that what they were really doing was paying and not collecting. To avoid these situations, it is very important to avoid acting hastily and, when in doubt, consult a trusted person before taking any action”, detailed Miguel A. Juan, managing partner of S2 Grupo.
Faced with this situation that has been increasing exponentially since the summer, experts from S2 Grupo have highlighted six keys that will help prevent falling into the nets of vishing:
- Never provide sensitive information such as bank accounts, credit card or security numbers such as the expiration date or the three-digit security code.
- If we receive a call that makes us doubt, hang up and find a way to contact the supposed company that called us. If it is an official company we can do so without problem.
- Distrust calls made through hidden numbers.
- Install some type of call application that alerts you to a possible case of fraud due to the anti-spam filters that they incorporate.
- Alert the most vulnerable people, such as the elderly, about these scams, because they are usually more susceptible to scams.
S2 Grupo has highlighted that other common ways of obtaining money through vishing-type attacks are to pose as telephone companies to end up stealing by Bizum again, to pretend to be Microsoft technicians to alert of a problem and to install spyware on the computer that steals bank credentials, to make us call very high-rate telephone numbers or to make us believe that they are calling from the electricity supply company alerting us that the last bills must be paid immediately or the service will be cut off at that moment.