Cybersecurity experts are warning of a new scam that has been reported in Spain, using Banco Santander as a hook to steal users’ bank details and data. Numerous people have reported that they received a message on their mobile phones alerting them that they needed to contact the bank through a website to resolve a problem with their credit or debit cards, and then had their data stolen and cards used fraudulently.
Any Spanish mobile network user, regardless of bank they use, can receive a message that says, as of today, they will not be able to use their credit or debit card unless they activate a new security protection system. However, it is actually quite the opposite, it is scammers stealing your card details.
Once the message and the link that appears in it are accessed, the victim accesses a web page where they put in their bank details, which the scammer now has full access to and can freely use your card until you realise.
This type of scam isn’t new, and it’s not the first time that scammers in Spain have used Banco Santander to entice people to part with their details, as they are the biggest bank in Spanish-speaking countries with a large number of clients.
Security experts at Trend Micro have warned of a record increase in threats, with critical sectors, i.e. government, banking, and health, as the main targets of criminals. In 2021 there was a 42% increase in cyberattacks detected, which exceeded 94,000 million.
This is revealed in their latest study, which warns of the spiral of risks for digital infrastructure and remote workers. “Attackers are always working to increase their victim numbers and profits, whether through the number or effectiveness of attacks,” said Jon Clay, Vice President of Threat Intelligence at Trend Micro.
Ransomware attackers are shifting their focus to critical businesses and industries that are more likely to pay a ransom, and double-extortion tactics guarantee them profit. Additionally, experts have found that cybercriminals are offering ‘ransomware-as-a-service’ campaigns, opening the market to attackers with limited technical knowledge.
Trend Micro Cloud App Security (CAS) detected and prevented 25.7 million email threats in 2021, compared to 16.7 million in 2020, while the volume of blocked phishing attempts nearly doubled over the period.
Business Email Compromise (BEC) detections decreased 11%. However, Trend Micro's cloud security team (Cloud App Security) blocked a higher percentage of advanced business emails, which could only be detected by comparing the attacker's writing style to that of the intended sender. These attacks made up 47% of all BEC attempts in 2021, up from 23% in 2020.
