ING Spain, a company that offers online banking and insurance services, has warned of an attack in the form of phishing that reaches users either by email or SMS.
When sent as an email, the message appears with the company logo at the top and the text dictates: “Dear customer, we are having trouble verifying your credit card information. We invite you to correct this problem by clicking on the link below and following the instructions: ”. This text (it uses a loism, “and following” appears written together and the two separate points of the word instructions, we have not made a mistake when copying it) is followed by a link.
When it appears on the phone as an SMS or text message, the customer literally receives the following information on their phone: “Ing Banco SA, as of 01/25/2021 You will not be able to use your account, you have to activate the new security system web from: “and is followed by a shortened link to bit.ly.
ING alert on your Facebook account
The mail is more successful, but in the case of the SMS the spelling mistakes, which are much more visible and repeated, and the fact that the date is set in the American date format (that is, first the month and then the day, at the contrary to Spain) make it easy to suspect that it might not be true.
It has been the ING spokespersons themselves who have reported these attacks through their Facebook account. In their brief statement they tell users that “If you receive it, do not access any link and delete it”; “If you have any questions, send it to us at email@example.com” and leave some advice in a link also shortened with Bit.ly. The latter has led certain users of the banking service to complain on Facebook that ING creates confusion by giving a link in the same format as phishing, which not all its customers have to understand.
This link shared by ING leads to its own website where it explains how to identify a phishing attack. For example, you have to pay special attention to the domain. In the case of this company, the emails have to end in @ ing.es. Overall, according to the online banking and insurance firm, “if you see something strange, it is very possible that it is phishing“, although it recognizes that the most sophisticated attacks can spoof the domain.
In this case, the company that provides its services over the Internet recommends to its clients that if they receive an email in which they must enter a link, that they better open another browser tab and train directly on the bank’s page and on their profile to see if there really are changes. “Another clue is that they ask you to enter your account urgently: We are never going to ask you for this, “they clarify from ING.
What the company has not clarified is what exactly are the consequences for your customers to access the link and end up falling into the trap of this phishing attack.
The most common phishing attacks in recent weeks
It is not only the clients of ING’s banking and insurance services that have been the victims of these attacks. In Spain, in recent weeks, two well-known services have been used as a hook by cybercriminals in order to obtain valuable information from people.
On the one hand, a few days ago it was known that many people were receiving an SMS from the Post Office. Victims who fall into this trap give an application of unknown origin control of their contact list and the SMS they receive (which can lead them to control the messages that the bank sends to its customers when they want to make payments online) .
On the other hand, a new malware dissemination campaign is beginning to be noticed in Spain in the last few hours. Through a text message, those in charge pose as the logistics company DHL to notify of the next receipt of a shipment. It makes the user download an application that is ultimately not a package tracking service, but a banking Trojan.
Photo | Stephen Phillips