Agents assigned to the Technological Crimes Group of the Judicial Police of the Higher Police Headquarters of La Rioja, alert of a specific type of scam, through the application of 'Bizum'.
The key to Bizum is the immediacy and simplicity of payments. For example, between individuals you can spend money in 3 seconds. When the amount is small or the person to whom money is passed is habitual, there are banks that do not request any extra pin. But if in large quantities. Typically, Bizum sends a message with a code to the interested party that they have to enter in order to close the operation.. The maximum amount that can be sent per day is 1,000 euros, but you can receive up to 2,000 euros. Precisely the speed of shipments and these small amounts have made Bizum an easy target and now it has been involved in different forms of fraud.
One of the most widespread forms of fraud, reported this week at the La Rioja Superior Headquarters, is the procedure by which an alleged buyer, in this case of a vehicle, contacted the seller of the same, stating that was interested in your purchase, indicating that he would pay you as a "reservation concept" the amount of 400 euros through the Bizum application, The seller accepting the procedure, although the alleged buyer instead of making the payment, instead sends a request for money with the aim that his victim is the one who sends said amount, the seller accepting it and transferring the amount of 400 euros to the buyer.
Subsequently, the seller, realizing the error, tries to contact the buyer and he does not give signals so he has no way of returning the money, going to these police offices with the aim of filing a complaint.
Another more widespread example is where victims receive a phone call from their phone company (supposedly) to lower their bill or offer them gifts. If they accepted the offer, they have to provide their bank accounts or cards. The scammers then associate those cards or accounts with Bizum. As a PIN number is needed to carry out the operations, he has to get the victims to provide it unconsciously, believing that it is a code to activate the operator's offer. Once they have the phone number, account or card and the PIN, the transfers are made.
Scammers persuade customers to provide their banking credentials, "abusing their good faith." And with them, subsequently, they operate on your behalf, making transfers from their accounts or with Bizum as the case may be.
It is very easy to follow certain recommendations so as not to fall for a scam:
-If bank details have been provided, the bank should be contacted directly to take the corresponding security measures and thus avoid additional charges being made.
-Regularly monitor what information exists on the Internet about oneself to detect if private data could be used without consent.
-If you have installed a program by indication of the supposed operator, it is advisable to uninstall it and analyze the device with disinfection tools to assess that there really is no risk.
-File a complaint at the nearest National Police Headquarters.
Parcel shipping scam
Paqueria shipments also have their risks. For example, when you receive a message like this: "Good morning, dear customer: Your order was delivered on xxx at the collection point. Check where you can pick up your packages: Link."
It is recalled from the Superior Headquarters that the scam consisting of receiving an SMS in which they notify of the receipt of a package impersonating a logistics company is being received and they invite the recipient to install an app to find out where, supposedly, the package is . (Post, FedEX, DHL, etc).
Once this Trojan infects the terminals, it is established as the default application for SMS in order to control it, access the contact list and cause the automatic forwarding of SMS-type messages.
People who are infected with this type of malware, without the owner of the phone noticing, send an SMS to all the contacts in their agenda a message simulating a parcel company with a link. The recipients receive the message in their name (with the one that appears in the contacts of the infected person) and if they proceed to enter the required data through the link, they are also infected, there being the possibility that, depending on the message, the data that you have entered are bank data and that you will suffer, a posteriori, a card charge or access to your online banking.
Another modality, very similar to the previous one, is that of sending a forged SMS sent to citizens' mobile phones about a package pending collection, It contains a link whose query triggers the download of a malicious application intended to access the terminal data.
In this case, the message warns that the receiver has a few hours to confirm the shipment through a mobile message, otherwise it will be returned to the sender. After that, a supposed code is received that will have to be sent to a supposed email address. Finally, it turns out to be an illicit subscription to Premium payment services on various websites that result in fraudulent charges on bank cards or surcharges on telephone bills for receiving premium SMS messages.