A new campaign of phishing via email impersonates the identity of Ibercaja. The user receives a message, with bad writing and spelling, that says: “As of 05/31/2021. You cannot use his account” and redirects to a false page where the bank credentials are requested.
The false message uses as an excuse activation of a new security system, so it urges the recipient to click on a link and ensures that the process takes five minutes, explains the National Institute of Cybersecurity (Incibe), through the Internet Security Office.
The body of the message tells the recipient that “should take action now to fix the problem as soon as possible “, adds in Incibe, which has qualified this threat as of measured importance.
If the user has accessed the false link and provided the access data to his bank account (NIF and password), the Incibe recommends contact the bank “as soon as possible” to notify what happened, in addition to modifying the password of all those services in which it is used.
The Incibe remembers some guidelines to avoid falling into fraud type “phishing”, between them, do not open emails from unknown users or that have not been requested, which must be eliminated immediately.
As in any other case of “phishing“,” extreme precautions and let your contacts know so that they are alert to the emails they receive from suspicious origin, especially if they contain attachments or, as in this case, external links to login pages “.
In addition, it reiterates the advice provided by banks and financial institutions in their security section, such as closing all applications or programs before accessing their website and typing the address directly in the browser, instead of reaching it from third party pages or emails.