SMS has regained market share with the online parcel boom. The pandemic and confinement have triggered purchases on digital platforms and the delivery process has reactivated the use of SMS to confirm shipments to buyers, which had been greatly relegated with the popularity of WhatsApp or Telegram.
The SMS revival has also revived scams that have seen better times in the past. Phishing, vishing, smishing … are modalities that over the years have spread like an oil slick among mobile users. The most up-to-date version has burst into force less than a year ago, when the Covid-19 pandemic forced everyone to confine themselves to home and the online courier and parcel service exploded.
One of the Mossos IT experts at his work table at the Campclar police station. PHOTO: CME
–
With this new panorama, criminals also adapted, explains the head of computer crime coordination at the Campclar police station in Tarragona. “People were at home, teleworking and using the Internet for their purchases. The scammers saw that they could cheat in the process, in the delivery of parcels.
In these 4 months of 2021, Mossos has 11 complaints distributed between Tarragona, Cambrils, Reus, Montblanc, Vila-seca … 3 of them have ‘bitten’ and have cheated money. Two of about a thousand euros each. And the third, almost 40,000. “By making the payment by card, the scammers appropriated the number and with it took the money from them,” explains the expert.
The SMS link leads to a website that could even steal the terminal data just by opening it
The three monetary scams and the eight complaints are the ones that Mossos is now working on, but they are only the tip of the smishing iceberg. Thousands of people receive SMS messages every day of a package that they had never bought, but that the text “invites” them to enter a web link to find out what stage of delivery it is.
“Smishing is not new, but it has adapted to the pandemic,” explains Corporal de Mossos, an expert in cybercrime. Today’s modality has not generated significant economic embezzlement “because this type of scam does not intend to steal money in the first place, but to usurp the information and be able to use it for larger frauds”, reasons the expert.
Alert
Smishing has put the Mossos on alert due to the large number of calls that enter 112 every day due to the doubts it generates among mobile users. «The supposed delivery of a package that has never been bought can open the door to all our data. The information has a lot of value ”, warns the corporal of the Mossos.
The popularization of this scam has been fueled by two factors: the Internet connection of mobile phones is increasingly widespread and the consolidation of online sales. “The SMS that arrives at the terminal has a link written that is the gateway to the scam”, recalls this expert. This coded link has a destination to a website created to simulate the parcel company in which the order has supposedly been placed. And in it there are different dangers that can end in data theft.
11 are the complaints from 2021, 3 of which have ended in fraud. One of them for almost 40,000 euros
«The web can have enough elements that by itself infect your device. They generate automated instructions (bots) to make a profile and know your degree of vulnerability ”, he explains. When they discover these weak points, «the scammer already knows how to deceive us»: He asks us to download the APP (manipulated) to follow a package, request a quick confirmation so as not to lose the gift … «stratagems that allow the information from the terminal to pass to her hands”.
Smishing sells information and does it for a higher profit. Organized groups are not new. They are the same bands that have adapted to the times and have relied on computer experts (or have bought the service) to be able to be in this information marketing. «The telephone allows to give a Facebook account and from there the identity. The next step is to locate the bank accounts.
– .
