Years will pass and we will not stop saying: scammers are the order of the day on the Internet , they always invent new methods and there will always be people who fall because they are not properly informed or prepared.
What is the last thing that has occurred to them? SMS pretending to be Banco Santander to steal your access codes to the bank. It is a complete scam, because a financial institution would never ask you for personal information or passwords, so do not bite and learn to identify them.
Banco Santander will never ask you for your data to unlock your accounts or check access
⚠Your bank will never ask for your passwords via email📧
It ‘s #phishing
They can give you whatever excuse they want, but don’t click the link #nopiques pic.twitter.com/7zZF6NAMBK
– National Police (@policia) March 26, 2022
Recently, the National Police of Spain and Banco Santander reported a new case of smishing (phishing using SMS) that seeks to steal financial data from people who fall. Specifically, cybercriminals pose as Banco Santander and send SMS alerts about unauthorized access or temporary blocking of your account .
Once your attention is captured, they invite you to follow a link in which you must log in with your data to verify what happened and correct it. In this last point is the trap, because it is a malicious website that only serves to steal the data you enter, it has nothing to do with the bank. Some of the messages you might receive say the following:
- UNRECOGNIZED ACCESS: you are connected to your online account… If you do not recognize this access, check immediately: [fake link]
- Your account has been temporarily blocked for security reasons. To reactivate it, log in from the link: [fraudulent link]
#Smishing alert! 📲⚠️
A new wave of cyber scams via SMS has been detected.
Even if it says that it is sent by ‘Santander’ BEWARE, it is a fraud👀 At the bank we will NEVER ask you to access your account through this means.
– Santander Spain (@santander_es) March 24, 2022
By following one of the fake links used in these messages, you will immediately access a web page that is identical to the Banco Santander login page. As we warned above, it is a fake website and you can check it by reading the URL (which usually points to a Russian domain or outside of Spain):
- Real URL of Banco Santander: https://particulares.bancosantander.es/login/
- Fake URL: https://santander.financial-access…
- Missing URL: https://santander.informa-esp…
Sometimes you may receive a security warning from your browser before accessing these pages. However, this only happens when they are already fully identified as phishing pages, so it is best to be careful because they can sometimes slip through.
How to identify fraud or phishing attempts via SMS (smishing)
The police warned that care must be taken with these types of messages, since they are often sent from numbers that are actually associated with those used by banks or other financial institutions. They take advantage of vulnerabilities in the SMS protocol , so the message will reach your mobile duly identified as “Santander” (or whatever entity it is).
Thus, the best thing you can do is be careful, be suspicious and remember some recommendations to avoid falling for scams:
- No bank or financial institution will ask you for your data or personal passwords by SMS or email. NEVER!
- Always check the URLs that these messages point to and check that they are the real ones.
- Better than the previous tip, never access the links in these messages . If you are curious, go directly to your bank’s platform from its official website.
- Deactivate communications via SMS with your bank (if possible).
- If you think something really happened to your account (or you just want to check), contact your bank directly .
This applies to both banks and any other platform, since they can try to steal your data from cryptocurrency wallets or exchanges, your social networks, steal your WhatsApp data, steal your credit card information and much more. That said, scams are the order of the day, so you have to be prepared to spot them.