Movistar has issued a public warning about a new scam targeting its customers, as criminals impersonate the telecommunications company, tricking users into providing sensitive personal data under the guise of upgrading their router.
This new type of fraud, known as “vishing”, combines sophisticated tactics to deceive victims into compromising their security.
Router scam exploits trust in service providers
The scam begins with a call from someone posing as a Movistar employee. The fraudster claims there will be changes to the user’s contract—often mentioning a price increase or an upgraded package offer—and insists on the need for a new router to accompany this supposed change. This is presented as an enticing offer to upgrade services and lower costs, designed to lull users into trusting the caller.
However, this fake representative then asks the customer to provide a security code, supposedly to complete the router exchange process. In reality, this is a carefully orchestrated attempt to gain access to the customer’s personal “miMovistar” account, allowing cybercriminals to gather personal or financial information for illicit use.
The dangers of ‘double call’ vishing scams
This latest scam is part of a broader trend known as vishing, a blend of “voice” and “phishing”. Criminals use phone calls to gather sensitive information. Movistar has specifically warned of the “double call” approach, where the fraudsters use the information provided by victims during an initial call to make a follow-up contact. By gaining trust through repeated contact, they make it more likely that the victim will divulge important security information, such as SMS codes, which give access to online accounts.
¡Alerta! Nueva campaña de vishing detectada suplantando a Movistar🚨
Si recibes una llamada de un número desconocido para cambiar el router no te confíes, están intentando hacerse con tus claves de miMovistar. #SeguridadDigital
— Movistar España (@movistar_es) November 5, 2024
Movistar emphasises that no legitimate representative of the company will ever request security codes over the phone. Additionally, under Spanish law, legitimate service providers must notify customers of any contractual changes in writing at least 30 days in advance. If you receive an unsolicited call from an unknown number requesting a router change, Movistar advises you to be wary and avoid giving out any personal information.
How to stay safe from this scam
The warning from Movistar follows an increase in reports of scams using similar social engineering techniques. With incidents of phone fraud rising, it is crucial to remember that no telecommunications company will ask for security codes or passwords over the phone. Movistar urges its customers to hang up immediately if approached in this manner. Additionally, they should report suspicious calls to the company or local authorities.
If you are contacted about an unexpected router change or package upgrade, remember to verify the request through official Movistar channels—not through any numbers given during the call. Remaining vigilant and sceptical of unexpected offers is the best way to protect yourself from falling victim to these types of scams.
“Yes call scam” and WhatsApp scams
Movistar’s advice comes at a time when other fraudulent schemes, such as the “yes call scam” and WhatsApp scams, are also on the rise across Spain. The Guardia Civil has similarly warned of scams beginning with seemingly harmless actions, like responding to strangers on social media or falling for misinformation. Staying informed about these evolving threats is essential to safeguarding personal data.
Also read: Current scams to be aware of in Spain