Spain’s National Police force has warned the public of yet another internet scam.
It follows a series of recent announcements by the country’s cyber security authorities, warning of several scams with fraudsters impersonating well-known organisations such as the banking provider, Banco Santander and the country’s traffic authority, the DGT.
However, the most recent attempts are claiming to be from Spain’s national postal service, Correos Express.
As is the case with most phishing scams, the objective is to obtain the user's personal credentials, such as bank account numbers, usernames and passwords so they can ultimately gain access to their victim's bank account.
The police alerted users to the scam attempt via their Twitter account. The warning states that the emails and messages from the scammers were claiming that they were unable to deliver a package.
The message can be seen in the tweet below.
???? ¡¡ATENCIÓN!!
— Policía Nacional (@policia) November 21, 2021
Recibes un mensaje supuestamente de Correos Express "Entrega fallida" ➡➡➡➡➡ #NOPIQUES
Quieren conseguir tus datos, no pinches en enlaces de procedencia desconocida
Ignora y elimina #SomosTuPolicía pic.twitter.com/LUEh8CexA9
In English it reads:-
"Dear customer: a delivery attempt has been made on [date]. The delivery failed because no one was present at the recipient's address."
“Re-delivery can be arranged by visiting the link below and confirming your billing information.”
The link will then take the user to a website that looks similar to the Correos website but is in fact fake.
How the scammers work
Even though you may not be expecting a package, a surprise like this always leaves us curious as to what it might be and who may have sent it.
This can lead a person to drop their guard and follow the instructions in the email or text message.
These kinds of scam attempts can be successful as often the user just wants to get their hands on what is rightfully theirs.
After they have explained to the user that there was a failed delivery attempt, they will then offer them the chance to reschedule so that they can receive their package.
However, on this occasion, they will ask for your bank details to pay the fee.
As is usually the Modus Operandi with this form of scam, they will try to tempt you to click on the link, sending you to the fake website where they hope you will part with your personal information.
To add a sense of urgency, the scammers will tell the potential victim that if the package is not rescheduled for delivery within 48 hours, it will be returned to the sender.
Furthermore, they will also advise that shipping and handling costs will not be reimbursed in a further attempt to add legitimacy and fool the recipient.
How to avoid being scammed
Below we offer some simple advice and steps to take to avoid being scammed with phishing and other internet scams.
Source
https://cadenaser.com/2022/04/22/quieren-obtener-tus-datos-y-para-nada-bueno-la-policia-alerta-sobre-la-proliferacion-de-estafas-relacionadas-con-correos/
https://twitter.com/policia/status/1462485209513971715
Updated: January 22, 2024 CET