Every year, when the income campaign arrives, the cybercriminals They begin to rub their hands imagining the number of “victims” they are going to achieve with their cyber attacks.
And along with Black Friday, Christmas or summer, the campaign rent is one of the times of the year where the most cyberattacks are carried out and more so this year, with everything that happened in 2020 (confinement, ERTES, ERES and various payers) we are quite lost.
If you want to train in Cybersecurity, we recommend that you take our master in Cybersecurity Management, Ethical Hacking and Offensive Security in EIP, focused on employability and digital transformation.
New phishing campaign
For all this, cybercriminals have taken advantage of the situation and have launched a new phishing campaign to try to “catch” the most innocent.
It consists of an email where cybercriminals impersonate the Tax Agency and they make the taxpayer believe that they have a refund pending collection by asking for their credit card information to make the refund payment.
In the message, we can read clear spelling mistakes that should alert us that something is not right. It says verbatim:
"Dear Taxpayer. We are sending this email to announce the following: after the last calculation on tax activities, we have decided that you are entitled to a tax refund in the amount of €469.00. To receive said refund, complete and send the tax form to be returned.
We can see that in the email, there is a link where they ask us to click to receive our money, after clicking it, they direct us to a fake page where they will ask us whats credit card details and a phone number where we would receive a code to enter in the next step.
That code will never arrive since the cybercriminals They will already have the card details for their evil purposes.
What to do if you have fallen into their trap?
If unfortunately, you have stung and have provided your bank details, the best thing to do is Contact your bank to inform them of what happened, in addition to regularly reviewing your accounts and cards to report possible unauthorized charges.
We also recommend that you do internet searches about you, to avoid leaks of your data by these cybercriminals.
What do I do to avoid being a victim of these types of scams?
We have told you many times, the best antivirus is common sense, we already said in the post of the CyberPurposes for 2021 We should not open emails from strangers, although it is true that they impersonate the Tax agency, we can see in the email clear evidence of fraud such as spelling mistakes or “Spanish Tax Agency (State Administration Agency)” organism that does not even exist.
You have to be distrustful when they ask for personal information, especially for a credit card or bank, make sure you are in a secure place before providing it by looking in the navigation bar for the address to begin with HTTPS.