I’Inps report to its users a new scam attempt by “smishing”. Deception therefore arrives once again with SMS and e-mail, among the means favored by “cybercriminals” to access the sensitive data of unsuspecting victims and then target their savings.
Reporting via social networks
The National Social Security Institute has decided to sound the alarm through its social pages, with the aim of warning Italian taxpayers about the new online scam discovered in recent days. The system, already tested, provides for the sending of an SMS to the unfortunate guard, who receives on his own initiative the notice of a credit note of 930 euros by the INPS Bank account. The goal, of course, is to convince the victim to follow the following instructions to steal any kind of sensitive information that could allow access to the current account.
“Inps: Payment of 930 euros failed due to lack of update of bank details, update immediately”, reads the misleading message sent to the user, who is prompted to complete the procedure for correcting the error that would have prevented accreditation. A very simple snag to be solved quickly, according to the opinion, since the taxpayer also has a link appropriate to click. The problem is that the latter transfers the victim to a portal created ad hoc by scammers with a misleading graphic reference to the web pages of the National Institute of Social Security. In the event that, convinced that he is on an INPS page, the Italian taxpayer provides his sensitive data, these would be immediately stolen by the “cybercriminals”, who could use them to access the savings of the victim.
This is just the latest in a long series of deceptions set up to gain access to the sensitive data of victims in service. The first thing to always keep in mind, in order not to fall into the trap, is that no credit institution or public body usually asks for the online submission of personal data or invites users to provide their passwords. access to access dangerous telematic forms.
Secondly, it is always advised to avoid clicking on links of dubious authenticity or downloading any attachments that may be present in such emails. If in doubt about the authenticity of the message received, you should contact the institution or bank that sent it. If you were to click on the link, even by mistake, it would be best to reset your mobile phone and change each passkey and the password. The next step is to contact the Postal Police, the only one authorized to intervene to recover the lost money.