Beware of smishing attacks targeting Spanish bank customers

by Lorraine Williamson

In a recent press release, the Oficina de Seguridad del Internauta (OSI) has raised an alarm about a surge in smishing attacks targeting customers of various Spanish banks.

Smishing, a combination of “SMS” and “phishing,” involves cybercriminals sending fraudulent text messages to trick individuals into divulging sensitive information. The messages claim to alert recipients about unusual activities on their bank accounts, prompting them to click on malicious links.

Affected resources

Customers receiving SMS notifications claiming unusual account activity are urged to exercise caution. These messages typically inform recipients of purported suspicious transactions or the suspension of their accounts, urging them to click on an embedded link for resolution. Unfortunately, these links redirect users to fraudulent websites designed to steal online banking credentials.


The OSI (Oficina de seguridad del internauta) offers the following guidance to individuals who have encountered such messages:

Blocking and deleting

If you receive a suspicious message but haven’t provided any information, block the sender’s number and delete the SMS.

Immediate notification

If you’ve clicked on a fraudulent link, promptly inform your bank about the situation.

Additional steps

  • Report the fraud through channels like INCIBE or seek assistance from the Cybersecurity Helpline.
  • Confirm changes to your banking access details, use unique and strong passwords for each account, and regularly check your account transactions for unauthorised charges.
  • Preserve evidence of the incident, such as screenshots or links, for filing a report with the police.

Over the coming months, practice egosurfing to trace any exposed personal information resulting from the incident, using methods like Google Dorks.

Cogesa Expats
Official contacts

Utilise official communication channels provided by your bank, such as the provided email, customer service number, or the official banking app. Visit your bank’s website for information on online fraud.

Identifying the attacks

Various banks, including ING, ABANCA, Banco Sabadell, Bankinter, Laboral Kutxa, BBVA, Banco Santander, Caja Sur, CaixaBank, and Deutsche Bank, have reported incidents of phishing attempts. The fraudulent SMS messages contain links that redirect to fake banking sites, aiming to steal login credentials. The messages create a sense of urgency by claiming account blockages, loan processing, or unauthorised charges.

Sample SMS fraud attempts

Here are examples of fraudulent SMS messages used in these attacks:

  1. Detected a high-value immediate transfer. Verify immediately: [Fraudulent URL]
  2. Charge of 1892.32 EUR made. Verify immediately: [Fraudulent URL]
  3. From 23/01/2024, your account operations will be suspended. Validate your identity here: [Fraudulent URL]
  4. Your card has been temporarily limited. Update your information here: [Fraudulent URL]
  5. Your account will be suspended on 18/01/2024. Update your details: [Fraudulent URL]
  6. New device registered in online banking. Verify immediately: [Fraudulent URL]
  7. Login from a new device. Verify immediately: [Fraudulent URL]
sms fraudulent texts

Above images @osi (Oficina de seguridad del internauta)

The public is advised to stay vigilant, report suspicious activities promptly, and follow the recommended steps to protect themselves from falling victim to such scams.

Also read: Smishing scam to steal your bank details

Baycrest Wealth

You may also like