We spend the vast majority of our time connected to the Internet. To consult information, access email, upload photos and video to social networks, make purchases online and we also carry out operations through online banking. Common day-to-day actions that can put our privacy at risk by being victims of one of the countless scams that circulate on the Internet. If you are a client of the Santander bank, be very careful with these scams.
Cybercriminals do not rest and take advantage of any situation to try to get hold of personal data and user accounts through the identity theft of renowned companies. There are many companies and public entities that have received cyberattacks: Ministry of Labor, SEPE, MediaMarkt, Telefónica or Facebook, among others. In addition to large-scale cyberattacks, users must be especially careful with emails and SMS that we receive from the companies with which we have a product, service or bank account. Cybercriminals take advantage of their corporate image to impersonate different companies and seize the personal data and bank accounts of their clients. Let’s see what the two dangerous scams that Santander warns about are about.
false notice of payment
From the cybersecurity expert company ESET they warn that criminals are focusing on the theft of credentials belonging to companies of all kinds. One of them is the Santander bank. One of the latest cases detected has to do with a false payment notice from Santander that includes malware that tries to steal passwords.
This is a clear example of identity theft in which the criminals behind this campaign use a logo that mentions the payment system through the Santander platform with a more than correct wording of the email that can lead to the trap even the most cautious users. Despite the good writing, some details are obvious that can make us suspicious. “When opening the attached compressed file with the supposed payment notice, we see how inside it is an executable, when we should see some type of computer document”.
Santander bank scam campaign
Regarding malware, it is a case of GuLoader. This type of virus connects to a URL or server used by criminals to download the payload or malicious load, which is responsible for stealing credentials. During its download and execution, the malware connects with Adobe Reader servers. A trap in which the victim believes that this app is being downloaded and/or updated in order to see the invoice mentioned in the fraudulent email.
Once the criminals manage to steal the credentials, they use them to “perform unauthorized access to the corporate network, stealing and encrypting information, or to send emails in their name and thus try to infect other companies that act as clients or suppliers”.
Wave of cyber scams via SMS
On the other hand, Santander itself warns through its Twitter account of a new wave of cyber scams via SMS, also known as smishing, which impersonate the identity of the bank. Santander insists that they never ask their customers to access their account through this means.
The message created by the scammers warns the victim that your bank account has been temporarily blocked for security reasons. The SMS includes a link to reset it. No case, it is another of the scams to get hold of your personal data.
Alert from #Smishing! ????⚠️
A new wave of cyber scams via SMS has been detected.
Even if it says that it is sent by ‘Santander’ BEWARE, it is a fraud???? At the bank we will NEVER ask you to access your account through this means.
– Santander Spain (@santander_es) March 24, 2022
The Internet Security Office (OSI) collects a series of messages that we can receive in which scammers pose as Santander:
- INFO: Unauthorized access to your online account. If you do not recognize this access, check immediately: [URL fraudulenta]
- Unauthorized access to your account has been detected. If you don’t recognize it, check immediately: [URL fraudulenta]
- Your account could be disabled, please set your single access device using the following process: [URL fraudulenta]
- INFO: Unauthorized access to your online account. If you do not recognize this access, check immediately: [URL fraudulenta]
- Banco Santander Reports: Your account has been temporarily blocked, to unblock it click here: [URL fraudulenta]
- To prevent your account from being blocked, you need to install our new security app. [URL fraudulenta]
Given the high number of phishing or smishing attacks, it is best to always be alert and, in this specific case, check if our bank account has really been blocked, first of all. And, above all, never provide access information: account and password. Santander will never ask you for this information through these means.