As part of our weekly “Saturday Scam Special” we provide information on various scams to look out for. This week is no exception as we detail three online scams as well as one specific to Instagram which is fooling many as it doesn´t appear to raise suspicion.
But first, we look at three of the typical scams going around this week.
You may receive communication from a courier or transport company providing access to a link. This is redirected to a fraudulent website very similar to the authentic one. At this point, it asks you to make a payment to cover shipping costs of an alleged packet.
⚠️#ALERTA‼️ Continúan los actos de #smishing basados en SMS suplantando a empresas de mensajería y transporte para accedas a un enlace que redirige a una web fraudulenta similar a la legítima y abones los gastos de envío de un supuesto paquete #NoPiques👇https://t.co/32mDoJQO8y pic.twitter.com/GBl0gGj4HK
— Guardia Civil 🇪🇸 (@guardiacivil) June 27, 2022
As we look forward to summer sales in Spain, this scam offers items for sale online (rebajas). When you click on the link, as above, it takes you through to a fraudulent website and asks you to make payment. Remember, if the offered item on sale seems too good to be true, it usually is!
¿Vas a aprovechar el #finde para ir de #Rebajas #Online?
👉🏼Compra en webs oficiales
💳Al pagar, la URL https o 🔒
💻Software de seguridad actualizado
y recuerda…
si es demasiado bueno para ser verdad, probablemente no lo sea pic.twitter.com/tDQyFooWWB— Policía Nacional (@policia) June 25, 2022
The third is by way of an SMS message seemingly from Banco Santander notifying of an alleged charge from Amazon for an amount of €215. This is not from Banco Santander. The objective once again is to redirect you to a fake website to steal your personal information.
⚠️#ALERTA‼️ El Banco Santander no está enviando SMS avisando de un supuesto cargo de Amazon por importe de 215 €. Su objetivo es dirigir a la víctima a una página web falsa que imita a la real para robar sus credenciales de acceso #NoPiques👇https://t.co/MM022wzNvZ pic.twitter.com/x30rYFry4A
— Guardia Civil 🇪🇸 (@guardiacivil) July 1, 2022
In all cases, always check the URL by typing the company name into the search bar.
Instagram – Saturday scam special!
The next scam we look at today has had a lot of people fooled. This is because the Instagram message appears to come from a known contact. However, this “friend” has been previously hacked therefore, it is not being sent from them.
Cybercriminals invent new techniques every day to get hold of people’s data and personal information. In this scam, known as “the six owls”, it consists of a hacker posing as a friend and offering you a challenge with a monetary reward. Therefore, it is easy to fall into the trap and get caught out. However, it is just another scam. This time, to take over your Instagram account.
How does the scam work?
You will receive a message accompanied by an image with 6 owls where you will be challenged to find the error or difference. If you succeed you will receive €50. The solution is quite simple, since the goal of cybercriminals is for you to guess correctly.
Do not click on the owl
When you have clicked on the owl in the top right corner (it has a bigger beak than the rest), you will be asked to follow a series of instructions to receive your reward.
Basically, you are asked to go into your Instagram account settings and go to the Account section and Personal Information. There, you will be asked to enter an email account that they provide, but that you can change to your own email after 2 minutes.
If you follow these steps, you will have lost access to your account and will not be able to enter it. You will also not be able to retrieve your password, since you have changed the email address on the account. Therefore, any access codes sent to update your password will be sent to the cybercriminal and not you.
This scam is used to hijack your Instagram profile and attack the rest of your contacts without raising suspicion.
If you know of any scams going around, warn others.