SMS: Once the WhatsApp that we used in the old Nokia brick, SMS messages were almost banished. But in the current era they found a new life when used by banks, government institutions and companies and businesses. For example, parcel service companies, which usually notify you by email and / or SMS of the arrival date of a package you are waiting for. And that is precisely the reason for this notice.
The experts from INCIBE, the National Cybersecurity Institute have detected in the last hours a campaign to send fraudulent SMS, smishing, that try to supplant the transport and shipping company GLS. In the detected SMS, it is reported that the user has an order that has not been sent and is stored in the warehouse due to the fact that the payments for its shipment have not been made.
What happens if you click on the URL in the message? A window opens in the browser pretending to be the legitimate GLS page. If the package tracking button is clicked, the user is instructed to pay € 1.50 in customs fees, where they will give the option in addition to scheduling the delivery.
Next, the fake site shows some options for you to choose how and when you want the delivery, selecting options such as whether you want it to be at the office or at home and the delivery time. At this time, you will see how all your personal data is requested.
No, they will not ask you for extra payments
If you click on continue, things get worse as they will ask for your credit card details. If you enter your credit card details and click on the ‘complete purchase’ option, an error message will appear in the browser indicating that you should contact by email if the error persists. It is at that moment when cybercriminals will have in their possession all the personal data that you have given them, including that of your card. And they will be able to carry out fraudulent actions with them.