Agents of the National Police have dismantled a criminal organization dedicated to computer fraud through text messages.
Article continues below
In total, 45 people have been arrested in Madrid, Barcelona, ​​Valencia, Murcia and Cartagena accused of belonging to a criminal organization, false documents, identity theft and computer fraud.
Two home searches have been carried out in Cartagena, where, among other things, false documentation, a printer for the falsification of documents and credit cards have been intervened.
The agents detected two fraudulent web pages that impersonated a bank entity.
After a quick action by the researchers, it was possible to block the aforementioned pages, thus avoiding the existence of numerous victims, although in the time they were active they obtained the data of nine clients of said banking entity, managing to swindle more than half a million of them. euros, by emptying their accounts and contracting immediate personal loans.
The modus operandi carried out by cybercriminals consisted of creating well-positioned fraudulent pages by means of payment, supplanting that of a bank, so that when a victim searched the network for the access portal to their entity's online banking, it appeared as a first option, the link created by the scammers, which redirected them to a web page monitored by them.
Once the victims entered their personal data to access online banking, they were made available to the criminals.
Next, the cyberfraudsters accessed the victims' online banking and collected their personal data and phone number and went to a physical store to request a duplicate SIM card under any excuse of theft or loss, thus gaining access over the victim's phone line, which is known as SIM swapping.
With this, the criminals accessed the online banking of the victims again and ordered transfers in favor of third parties (mules of the criminal network). They also requested immediate granting microcredits to then divert all the funds from the bank account, operations validated through the telephone lines they controlled.
The reason for having total control of the incoming and outgoing calls of the victim's mobile, as well as of the text messages, was to evade the security measures implemented by the banking entities regarding the two-step verification that they request from their clients. to prevent fraud in the event your bank account is compromised.
This verification consists of sending a text message with a code to confirm the operation or a call by the entity to the client to verify that they really want to send a large sum of money to a third party or contract a banking product.
The margin of action to execute the fraud is a few hours, the period of time it took for the victims to realize that they did not have coverage on their phone and that something had happened, although the instant messaging applications continued to work in most cases due to Wi-Fi connectivity, which slowed down the time the victim was aware that they had lost control over their phone line.
With this fraud model, the fraudsters managed to defraud nearly 600,000 euros from only nine victims who were in different provinces of the national territory.
With this operation, the creators of the false websites and the entire network of mule recruiters have also been arrested. In addition, two house searches have been carried out in the town of Cartagena. ■