Cybercriminals take advantage of any event to attack users using methods that allow them to easily steal private information, and the Renta campaign seems to be a perfect opportunity. During the last hours, the National Institute of Cybersecurity He has detected a new wave of smiling in which heThe attackers pose as the Tax Agency to steal citizens’ banking information. They also do it with a good —but false— claim: the refund of 70 euros
At first glance, the content of the message may not seem suspicious, since the Tax Agency also often uses SMS as a means of communication. In this case, the attackers intend to draw the user’s attention with the tax refund for a value of 71 euros and include a link where, supposedly, you can get more information about it. The message, specifically, says the following.
“TAX AGENCY: You have been qualified for a tax refund of (€71.00). Find more information on the website (link)”.
The URL included in that SMS, however, leads to a malicious website where They ask you to enter your credit or debit card details. in order to get that refund. Banking information is actually collected by cybercriminals, who can then use it to make purchases in your name.
How to act if you have received a false SMS from the Tax Agency
If you receive a message of these characteristics, pay attention to the text. If it contains inconsistent words, misspellings, or incomplete sentences, it is likely a scam. You should also check the URL included in that message and make sure it matches the official link on the tax agency’s page. On the other hand, and if the message includes attachments, do not download them and in case of doubt, contact the Tax Agency directly.
If you have entered your data in the URL of the message, contact your bank and explain what happened. They will block the card you used to enter the data. The National Institute of Cybersecurity also recommends changing passwords
It is important to note, furthermore, that the content of the message may varyr. In fact, INCIBE assures that false SMSs have also been detected in which they use a return of 471 euros as a hook. The message, however, includes the same malicious URL with which they can steal your data.