CaixaBank has launched an alert to protect its customers from possible theft and deception. It is not uncommon for ‘cyber attacks’ to target banking entities, and these are increasingly sophisticated and discreet, so prevention must be sharpened.

Hackers have long been capturing robbery victims through false text messages in which they pretend to be the bank so that users fall into the trap. CaixaBank claims that there is now a new type of fraud that combines fake SMS and fraudulent calls to steal bank details and access the victim’s online banking.

The entity explains how the attack works: In the first phase, the user receives an SMS supposedly signed by CaixaBank encouraging them to click on a link.

To make it less suspicious, cybercriminals are able to trick the device into placing their fake message after legitimate messages it has previously received from the bank, in the same SMS thread. When clicking, a false website appears, which imitates the CaixaBank website, requesting the introduction of personal data such as the username, password and telephone number.

If the user sends the requested data, they receive a call from the cybercriminal posing as a CaixaBank manager. To make it even more complicated, the false number that appears on the screen is very similar or even the same as a legitimate one of the entity.

CaixaBank reminds you that «no other legitimate service will ever ask you for your personal data, telephone number or secret access codes. Don’t share them with anyone.”

“We recommend that you do not click directly on the links in the SMS. It is better to access the information offered through the app itself or the service’s website,” they continue. Recommend “pay close attention”

If you detect suspicious operations in your account or you have provided your data in what you believe to be a fraud campaign, immediately contact your branch manager.