The Organisation of Consumers and Users (OCU) has issued a fresh alert regarding a new wave of phishing scams targeting bank customers via SMS. The scam, which appears to come from a trusted bank, aims to steal users’ personal and financial details, potentially leading to a significant loss of funds.
The OCU has warned of a scam that first appeared several years ago but has now resurfaced, with cybercriminals masquerading as the banking institution ING. Victims receive an alarming SMS stating that a new login has been detected on their account from an unrecognised device. Furthermore, the message urges recipients to click on a provided link if they do not recognise the activity.
Once the user clicks on the link, they are taken to a fraudulent website designed to look like the bank’s official page. Here, victims are prompted to enter their personal details, enabling the scammers to gain access to their accounts and potentially steal their money.
ING’s response to the scam
ING has responded swiftly, warning customers about the scam and advising them not to click on any suspicious links. The bank emphasised that it would never ask for personal details or verification via SMS and reminded users that their only legitimate website is www.ing.es. ING’s warning is part of a broader campaign to prevent customers from falling victim to this and similar scams.
The widespread nature of bank-related scams
This latest incident involving ING is just one of many cyberattacks that have plagued the banking sector. Other major Spanish banks, including ABANCA, BBVA, Bankinter, CaixaBank, and Banco Santander, have all reported similar phishing attempts. Scammers have even exploited public institutions, such as the Directorate General of Traffic (DGT), by sending out fake unpaid fine notifications.
How to spot and avoid internet scams
Phishing scams often follow a predictable pattern, and the OCU advises that the public should always be cautious when receiving any unsolicited messages. In most cases, the scammers send an urgent and alarming SMS, claiming there is a problem with your account and urging immediate action via a provided link.
If you receive such a message, the OCU recommends never clicking on the link and instead checking your account through a secure method, such as your banking app or website, to ensure everything is in order. Genuine financial institutions and government bodies will never ask for personal details or verification via SMS.
What to do if you suspect a scam
If you believe you have received a phishing message, follow these steps:
- Do not open the link. Block the number and delete the SMS.
- Contact your bank through a secure method, such as their official website, app, or customer service line.
- Monitor your account activity regularly for any suspicious transactions.
- Report the scam to the Spanish National Cybersecurity Institute (INCIBE).
- File a police report if you have lost money as a result of the scam.
By staying vigilant and following these guidelines, consumers can protect themselves from becoming victims of these increasingly sophisticated cyber scams.
Also read: Major property scam targeting British citizens unravelled in La Manga del Mar Menor