It is not an assumption. It is a real notice of the Internet User Security Office (@osisecurity) of this same December 23, in which it alerts citizens of a recently detected campaign, which consists of sending emails fake that impersonate the identity of Correos (@Post) and redirect the future victim of the deception to a fake page (which perfectly imitates the official website) in which your data and payment are requested 1.17 euros so that you can receive a so-called package. All lie.
With this excuse or a similar one, hackers they achieve their end, which is none other than that of get hold of your card details and probably the banks.
The distort an absolutely legal website, creating another almost the same that is a perfect “decoy” to make it reach an internet user and obtain, through deception, their data, is what is called phishing. He is one of the doctors of the carding, which is nothing more than the fact of accessing the information of your bank cards for criminal purposes, a problem to which the general population is exposed and especially the elderly, usually less showers in new technologies.
How can hackers get hold of your account details?
What is known as carding It could be translated as the theft of data and illegitimate use of a card. It can occur in the physical sphere (not on the Internet), for example with the crime of duplicate cards in payment devices, with which you also have to exercise extreme caution, but the term focuses especially on the crimes committed on the network.
The target of cybercriminals (already called carders) is to get hold of your card (even if not physically) and with everything that it will allow them to do on your behalf, from making purchases on the Internet, to finding out your bank passwords and making transfers, canceling deposits (and obtaining money ) or hire a thousand services (hotels, travel …).
In the notice launched by the ISO, the “hook” so that you end up filling in the corresponding form and provide your card details (including the verification code) on a fake website, it is an email that redirects you, through a link, directly to it.
The e-mail it is not the only method used. Fake websites are a danger that circulates on the net and in which it is easy to fall even if you are an expert “navigator”. These pages, which mimic the official ones in detail, are made by true cybercrime professionals. Taking a good look at them, to confirm that it is the official page in which we are interested, is essential. The difference may simply be in one letter, in a logo color, similar but not the same in a very similar name …
Sometimes the attempt to steal your card details comes directly from a computer virus or malware, malicious software that installs itself on your device without you being aware of it. Trojans, rootkits, worms … are some of the most used for this purpose. If you make purchases on-line, have a good protection system it is essential to prevent its action.
Basic advice against “carding”, what to do if you detect deception?
It is important to put into practice some simple measures that the National Institute of Cybersecurity of Spain (@INCIBE) to avoid the fraudulent use of your cards and the serious problems that this fact can cause you
- Be suspicious of any email from an unknown user that you have not previously requested. When in doubt, do not open them and remove them from the inbox. Remember that it is very strange for a company to send you a e-mail with a payment request, in which, in addition, it asks you for personal data.
- For your safety, before opening a suspicious email, contact the alleged company that sent it by phone and confirm its veracity.
- The operating system you use must to be updated. Having a good antivirus is essential (check that your antivirus is activated)
- When you want to contact a company or website of a public or private body, write the URL directly in your browser. If you use a search engine, which provides you with several similar pages, look closely and confirm that the one you choose is “the good one”.
- Do not make transactions with your cards on open Wi-Fi networks or devices for public use.
If you suspect that you are facing a possible deception attempt to steal your data, do not hesitate to contact the Computer Crimes Unit of the National Police (you can report or simply communicate your suspicion of fraud on the internet, with complete confidentiality, at the heading “citizen collaboration” of the General Directorate of the Police (@info_dgp). You can also report or report a possible crime by contacting the Telematic Crimes Group of the Civil Guard (@GDTGuardiaCivil).