Telephone is a widely used channel by fraudsters to fool potential victims.
This method of socially engineered scam, also known as vishing, can make criminals seem very convincing as it allows them to adapt their message to a potential victim's response, creating a sense of greater credibility to the call.
One of the most common pretexts used by cybercriminals is to impersonate a technician from a major IT company, falsely informing a user that their computer is suffering from a serious security incident and offering to help.
How does this scam work?
The scammer communicates with the victim
It is usually the scammer who contacts the victim by telephone. This call may be made from a foreign telephone number and the contact person may speak a foreign language. Sometimes, however, it is the user who contacts the scammer after a message appears on their screen while browsing the internet informing them of a serious incident with their computer and providing a contact phone number to resolve the issue.
This pretext is bait to deceive the victim
The scammer informs the victim that their computer has a serious security problem and that they can solve it simply by following instructions and making a small payment for the services provided or for a subscription to the company's technical support services.
Installation of a remote control program
In order to carry out checks and resolve the security "problem", scammers urge the victim to install a remote control program on both their computer and mobile phone. In this way, criminals get control of the user's devices.
Installation of malware
Sometimes scammers will install additional programs on the computer or mobile devices of the victim. These programs tend to contain malware (malicious code) that can steal and/or damage information on a device.
Payment of services or a subscription
Finally, scammers will ask users to make payment for the services provided or to purchase a subscription to the company's technical support service. To make the payment, they may either ask the victim to access their online banking and carry out one or several transfers, or they may request details of the user's bank card in order to process the payment. If the victim proceeds to make a transfer, the scammers can modify the amount before it is issued. If the victim provides the details of their bank card, the scammers will carry out transactions in various online stores.
What security measures to follow to avoid falling victim to this type of fraud?
Use common sense
In the event of any unusual telephone call with an unexpected and strange pretext, be suspicious, use common sense, do not give away any information, and end the call.
Be careful when installing unknown software
You must not download and install any computer program from unknown sources or at the request of an unknown person. These programs may contain malware that can damage your devices and the information they contain.
Have a good antivirus program installed and keep it updated
It is always recommended to have an antivirus program and to keep your device's operating system and applications updated to their latest versions.
In the event of falling victim to a scam, speed is essential
If you fall victim to telephone fraud, it is essential to inform a CaixaBank adviser or the 24h helpline 900 40 40 90 or +34 93 887 25 25 as quickly as possible.