The Guardia Civil has arrested a total of 76 people for fraud by sending fraudulent SMS messages en mass pretending to be a well-known bank. InSpain.news, with information from the OSI (Oficinia de Seguridad del Internauta) regularly bring you updates on the various scams that are going around. These scams affect us all.
During the first phase of the operation, police arrested a total of 30 people in the following provinces;
Then, in a second and third phase, a further 46 people in Barcelona, Girona and Tarragona, four of whom were “mule catchers” were also arrested.
The scammers used a fake incident in their victim´s bank account. They then offered the possibility of resolving it by asking the victims to accessing a link to the web. Consequently, that turned out to be false. From this, they were able to obtain the victim’s digital banking username and password. Then, with the access codes to their accounts, the criminals were able to make fraudulent bank transfers.
The investigations have made it possible to obtain information on more than 350 beneficiary bank accounts of the illegally transferred amounts with a total amount defrauded of more than €1 million.
Over 500,000 IP addresses
From all the information obtained, the researchers have analysed over 500,000 IP address records used by the perpetrators during the dates of the scams.
In all cases, the injured parties were customers of the same bank on whom the same modus operandi was used. Over time, the scammers perfected their act.
Phishing, Smishing, and Vishing
They combined deception techniques such as phishing and smishing, with which, by sending fraudulent emails or SMS that had the appearance of a trusted source. Then they tried to obtain the access credentials of their victims.
These techniques were later added to by another known as vishing. In this case, the cybercriminals make a phone call in real time to the victim, posing as a bank employee. During they call, they warn him of suspicious movements in his account.
Also read: Online banking scams to look out for
Therefore, once the trust was gained, they asked the victims for the access codes received on their mobiles. However, these were codes to authorise transfers through a well-known instant money transfer application.
The sophistication of the deception process continued to increase as the scammers continued. They even used the logo of the bank itself and their real phone numbers to appear on the screen of the victim’s mobile phone. This is something that can only be achieved using spoofing techniques.
Most of the 76 arrested performed the functions of “economic mules”, recruited “recruiters”, who looked for people in vulnerable situations. In exchange for small commissions, they obtained the numbers of their bank accounts or managed to get them to open online accounts in different entities.
The “recruiters” occupy a higher step on the ladder than the “mules”. As such, being people who in turn have been deceived by the components of another higher level and who, as a pyramid scam, obtained commissions for each of the “mules”. that they recruited.
The operation was carried out Guardia Civil agents, belonging to the Technological Crimes Team (EDITE) and the @ Team, both from the Cáceres Command.
Also read: Eight SMS scammers arrested
What to do if you have been a victim
If you suspect you have been a victim of such a fraud, you can contact service the provider directly, or call the police on 091. You can also report the facts to the OSI.