Social Security has warned of a new fraud attempt that is circulating through SMS and email messages. The messages misuse the institution’s name and claim that the user’s account is blocked, inviting the recipient to click on a link to activate two-factor authentication.
According to information released by the Social Security Institute, this practice corresponds to a phishing attempt, the objective of which is to make users provide confidential data such as passwords, access codes or banking information.
Fake messages circulate via SMS and email
As explained by the Social Security Institute, cited in an official statement, fraudulent messages indicate that the user needs to activate two-factor authentication to unlock the account. To do this, recipients are redirected to a link that supposedly allows them to complete the activation of the service. However, this is an attempt to deceive citizens into collecting personal data.
Social Security emphasizes that these messages are not sent by the institution and recommends that any communication of this type be ignored.
The objective is to obtain confidential data
The fraud falls under a practice known as phishing. This type of digital attack consists of sending messages that imitate official communications from known entities, with the aim of convincing victims to reveal sensitive information.
As explained by Social Security, cited in the statement, criminals often try to collect passwords, authentication codes or bank details through these fraudulent messages.
What to do if you receive the message
Faced with this type of fraud attempt, the authorities’ recommendation is clear. According to the Social Security Institute, citizens who receive this type of SMS or email should not respond to the message or click on any link included in the text.
The institution also advises that the message be deleted immediately to avoid any interaction with the fraudulent content. Furthermore, users should only use official channels whenever they need to access or change services related to Social Security.
Social Security does not send links to activate services
In the same alert, the Social Security Institute reminds us that it never sends messages with calls to activate services or update personal data. As the institution explains, any procedure related to the user’s account must be carried out directly through the Social Security Portal.
The entity also emphasizes that it does not request access codes, passwords or bank details via SMS or email.
Two-factor authentication will be mandatory
Two-factor authentication is a security mechanism that will be gradually reinforced when accessing Social Security digital services. This system requires two forms of verification to confirm the user’s identity before allowing access to the account.
According to the information released by the institution, in addition to the usual password, it will be necessary to enter a temporary code sent to a previously validated contact, such as a cell phone or email address.
An additional layer of protection
This method is considered one of the most effective ways to increase security when accessing digital platforms. By requiring a second verification factor, it becomes more difficult for third parties to access accounts even if they know the password.
As explained by Social Security, two-factor authentication is now optionally available for citizens and companies. However, this system will become mandatory for access to the portal from May 12th. The institution reinforces that any activation of this mechanism must be done exclusively by the user through official channels, never through links received by message.
Also read:
