Phishing, a technique used by cybercriminals to clone bank cards
In Latin America there is an increase in phishing, a form of scam focused on the cloning of chip cards when obtaining confidential information through electronic communications that seem reliable and legitimate.
According to a cybersecurity firm, a criminal group managed to clone using this technique the data of 5 thousand cards and among those affected were politicians, ministers, governors, celebrities and high profile businessmen, most of them Brazilians.
According to data from the National Survey of Financial Inclusion 2018, in Mexico, there are 90.2 million people who have access to a savings account, which makes them potential victims of the crime of cloning cards, which can be done through this Scam mode has increased the delivery of deceptive mail in the region.
The National Commission for the Protection and Defense of Users of Financial Services (Condusef) points out that in the country, one of the tools used by criminals to steal users of financial services is phishing, which should be taken care of by those who tend to make payments and paperwork online, mainly from their mobile phones.
This technique is a practice that consists of sending deceptive emails, with the appearance of an institution or different electronic pages, such as banks, social networks, governmental institutions, in order that people provide their personal data to criminals such as the full name or date of birth, including passwords.
The cloning of telephone cards is also known as SIM swap and serves to obtain the information of bank cards with which you have access to services provided by banks, including transfers or online payments of services.
Experts believe that a trend among phishing attacks is the use of a legitimate resource that is usually used every time a smartphone is lost or stolen from the victim since users have a way to transfer their phone number and other data to a new SIM card.
To obtain information from victims, scammers send emails to obtain data, make use of social engineering, also take advantage of some data leakage or compare the information they have with that of other organized crime groups.
When cloning the SIM card, the device is practically hijacked, so the scammer receives in the new device all the SMS (messages), voice calls addressed to the victim, notifications of social networks and all the elements that allow the double authentication on which the security of financial services depends.