Alert in Spain: new mobile scam that can empty your bank account

by Else BeekmanElse Beekman
mobile scam Spain

The Guardia Civil has issued a nationwide warning across Spain about a mobile scam that could leave your bank account drained. While losing mobile connection might seem like a minor inconvenience, it can signal a serious security breach.

According to the police service and the National Institute of Cybersecurity, INCIBE, this ‘SIM Swapping’ scam is increasingly common, and it’s crucial to understand how it works and, more importantly, how to protect yourself.

How the scam works

Losing your mobile connection is something most of us have experienced, whether due to poor signal or other technical issues. However, in certain cases, it can mark the beginning of a larger problem. According to the Guardia Civil, cybercriminals exploit this brief loss of connection to take control of your mobile phone and access your sensitive information.

In a typical case, criminals will target your mobile operator and trick them into duplicating your SIM card. Once they gain access to the duplicated card, they have full control of your phone. This means that when your bank sends you a security code for a transaction, it will be intercepted by the criminals, not you. The result? A bank account drained of funds. They also access emails, and social media using the verification codes sent via SMS.

The steps involved in the scam

The modus operandi of this scam may seem simple, but it is highly effective. The criminals rely on a multi-step process to gain access to your sensitive data. One key method they use is phishing—posing as a trusted entity like a bank or service provider. They may call you, send a fraudulent email, or even message you on WhatsApp to trick you into giving them personal information.

Once they have enough data, the criminals can go ahead and duplicate your SIM card, giving them complete control over your mobile phone and the information it holds.

How to protect yourself

To avoid falling victim to this scam, it’s important to take proactive steps. The most effective measure is to enable two-factor authentication (2FA) for your banking accounts. This means that, in addition to the usual password or PIN, a second verification step—such as a fingerprint scan or digital signature—will be required for any transaction.

Additionally, using Google’s security keys or other secure login options can offer an added layer of protection. The more personal information you share on social media or online platforms, the higher the chances you might become a target for cybercriminals. Therefore, limiting the amount of personal information you share online is always a good idea.

The rise of online frauds

This type of fraud not only jeopardises users’ savings but also reflects a worrying trend among cybercriminals to adapt their tactics to new technologies. With the growing digitalisation, the online world has become a battlefield where users must remain constantly vigilant and take the necessary steps to protect their devices and bank accounts.

According to data from the National Cybersecurity Institute (INCIBE), over 133,000 cybersecurity incidents were reported in Spain in 2020, marking a 24% increase from the previous year. Among these incidents, online frauds stood out, accounting for 35% of the total.

Also read: Criminal network using ‘card switch’ scam dismantled by Guardia Civil

You may also like