Banking “phishing” is an attempt at impersonation where cybercriminals impersonate a company, institution or service with a good reputation, to deceive and obtain private data, such as bank details and associated credentials.
In most cases, email is used as the main means of transmitting this deception, but it can also be done through social networks, sending SMS to mobile phones and calls to landlines.
Cybercriminals select the company or service they want to impersonate, sending an alarmist message, seeking a reaction from the victim in order to end up clicking on a link or downloading attachments, often hidden.
The victim is redirected to a fake website similar to the impersonated service, where the user thinking he is on the official site, ends up filling out a form where he provides the same data he would have used on the actual website.
Finally, this data, in the case of a bank, can be used to seize bank accounts and / or make money transfers.
Phishing cases can be identified when emails received do not come from a trusted web domain and / or using a free service such as Gmail, Outlook, etc.
The subject of the mail is usually very striking, linked to security issues or bank accounts that may become inactive or blocked if no urgent action is taken.
The wording of the message is not usually correct, it is constituted with poorly constructed or meaningless sentences, with strange words, symbols or characters, with misspellings or in another language. However, there may be fraudulent messages with the correct wording.
In addition, they are usually messages with nothing or little personalization, such as “Dear customer / user / friend”, as they are messages sent en masse to hundreds / thousands of email addresses.
If you have been the victim of a “phishing”, you must inform the Police.