The Public Ministry (MP) warned of a criminal campaign targeting customers of Portuguese banking institutions, through false messages and telephone calls. The scheme, described as “very complex”, seeks to obtain account access data and lead victims to authorize high-value transfers without realizing it.
According to , the campaign combines phishing and social engineering. Criminals send messages via SMS or email, indiscriminately, pretending to be banking institutions.
Fake messages in the name of banks
In fraudulent messages, recipients are warned of an alleged transfer or payment made from their account. The intention is to create alarm and lead the victim to believe that there was illegitimate access to the bank account.
Then, a supposed solution is presented: clicking on a link to quickly resolve the problem. However, this link takes the victim to a fake page created to imitate the bank’s official website.
On this page, various personal and banking details are requested, including identification elements and account access credentials. The telephone number is also requested, which becomes an essential part of the second phase of the scam.
Criminals call victims
After collecting the data, criminals are able to access the victim’s bank account, review transactions and check the available balance. However, in many cases, they still need to overcome the second authentication factor to make transfers.
This is when the phone calls come in. Scammers contact the victim and pose as employees of the bank’s cybersecurity department, using real account information to give credibility to the conversation.
During the call, they say they have identified a suspicious high-value transaction. When the victim denies having carried out this operation, the false employee offers to cancel or reverse it.
Second factor used against the victim
To carry out the fraud, criminals ask the victim to confirm the supposed cancellation using the second authentication factor. This can be a code received via SMS or validation in a bank application.
In reality, this confirmation does not serve to cancel any operation. It serves to authorize the transfer that criminals are trying to make from the victim’s bank account.
Once they obtain the necessary code or validation, fraudsters are able to approve the transfer and take possession of the money. According to the MP, the objective of these campaigns is to carry out very large monetary transfers.
Messages must be deleted
The MP’s Cybercrime Office recommends that this type of message be ignored and deleted, without any response. The same caution should be applied to telephone calls in which someone introduces themselves as a bank employee and asks for codes, validations or personal data.
The MP emphasizes that the messages are not sent by banking institutions, nor do they come from servers belonging to banks or managed by these entities.
Anyone who has already provided personal or banking details should immediately contact the bank through the usual official channels. This should be the first measure to try to block access, prevent improper transactions and protect the account.
The main recommendation is simple: never click on links received by SMS or email to resolve supposed banking problems and never provide authentication codes over the phone. If you have any questions, you should contact the bank directly, using the official contact details.