Cybercriminals never stop. Now the National Police have already warned of a new method with which they can get your bank code without you telling them. This type of telephone scam consists of being asked to directly dial the password on your mobile while you are on a call to obtain the password.
Nowadays we have to be very careful with the calls we receive. And more when they ask us for the bank password, since we would give access to our bank account to cybercriminals. For example, posing as a fake employee of a power company is known as spoofing. However, the danger has increased after detecting the National Police that it is no longer necessary to say the password, now they can take it from you by dialing it on the phone.
Do not say or dial the bank password
To date, the National Police and cybersecurity experts were clear that the technique was to impersonate an employee who verbally requested the bank access code. Instead, a worrying new method has now been detected. Basically, it consists of the fake employee warning the potential victim that for security reasons the password should not be given to anyone, so he asks them to dial it directly on the phone. And that’s when they can steal the bank key.
By dialing the bank’s password on the mobile while calling, cybercriminals take the opportunity to capture the keystrokes that have been given on the smartphone by the victim. So they can find out at that moment the password used to access the bank’s app.
This new modality in the telephone scam known as spoofing is a technique that cyberfraudsters have begun to use. They start by posing as a trusted sender in order to access the personal data of their victims. And once they gain trust, it begins to request sensitive data: ‘they are told to dial the private banking access code on the keyboard of their mobile terminal, or a verification code, through a link sent in that very moment by SMS’.
They impersonate the real company phone
In addition, in these cases they manage to impersonate the real telephone number of electricity companies, banks or even public institutions. So this causes the scam to be almost undetectable. For this very reason, the National Police makes it clear that the password must not be said verbally or dialed on the telephone through a telephone call. Since they could be using this technique to steal your bank key.
And they also remind us that no private company or public institution uses these methods to request personal data from its clients. So if one day you receive a call and they ask you for the bank key or a verification code that you receive through an SMS, it is a scam. Nor do you have to click on the links you receive through text messages and when you want to access your bank, go directly to the official app that you have on your mobile.
