If once there was the phenomenon of phishing, now we have entered the age of spoofing.
Don’t worry, we will explain everything to you. At the base is the scam attempt to seize user data through the now classic scam sms. With the difference that the game has become more refined by the bad guys. And therefore it is more difficult, especially for the most distracted or the least accustomed to technology, to defend against these criminal attacks.
Let’s see what is happening, starting from the definitions of the two concepts mentioned at the beginning of the article. So let’s remember what phishing is, and let’s find out what spoofing is, an increasingly widespread phenomenon.
What is phishing
Phishing is a type of scam carried out on the Net, through which an attacker tries to deceive the victim by convincing them to provide personal information (financial data or login credentials). And it does so via email or scam sms, pretending to be reliable.
As we pointed out in a recent article, the average cost that Italian companies have to bear each year to deal with phishing is around 680 thousand euros.
What is spoofing
Spoofing is a type of crime that focuses precisely on the reliability of the message.
In this case, the attacker sends a communication by e-mail or text message pretending to be a reliable sender. And therefore convincing, whatever your request (to provide your access codes to the reserved area of a bank or the numbers of your credit card, for example).
IP address spoofing is referred to when messages are sent using an IP address that makes the sender appear to be trusted. And we talk about email spoofing when changing the header of an email hides the true sender.
As for the messages, with spoofing, massive sms are sent through an alias identical to the name of, for example, a bank. And so those who receive it, unfortunately, categorize it together with those received from the real bank.
Mail and sms scam: what’s going on
As we said, if it is easy to ignore e-mails and text messages from unknown senders (and perhaps, in the case of e-mails, with bizarre usernames and domains), things get very complicated if the sender is our bank or Poste Italiane. These are institutions to which we hand over our money, so we instinctively place a great deal of trust in them.
Cybercriminals know this, and their attempts to deceive are always better disguised. In recent days, messages from senders that in theory corresponded precisely to the name of the institute have been received by various Poste or Intesa San Paolo customers. Institute that perhaps days before had asked for two-factor authentication, a high standard of security.
Technically, as we have already seen, this is possible by using an alias that replaces the real sender number. It is therefore difficult to be wary of a message that looks like it came from my bank.
The problem is that the scam SMS contains a request for urgent action, and an invitation to immediately click on a link. The reasons? Because, for example, “an unrecognized device is linked to your online account”. Or because the customer is invited “to perform the new update. Failure to activate will lead to suspension “.
If my bank tells me, how can I not trust?
Too bad that the link then leads to a scam site, but graphically very similar to the original. In which you are asked to enter passwords and bank details, with consequences that are anything but happy for the unfortunates.
A regulatory hole
These scam sms present one more (not a small) problem. That is a regulatory hole, as Fabio Ugoste, head of cybersecurity at Intesa Sanpaolo, explained to colleagues at Corriere della Sera.
Ugoste said: “The lack of specific legislation on telecommunications and therefore of adequate controls on the use of these technologies allows scammers to deceive victims who see the name of their bank or telephone number appear on the smartphone screen. of your customer service stored in your address book. Unfortunately, since this is a phenomenon beyond their control, banks cannot intervene directly and independently to counter it.
Poste Italiane confirms that “currently it is not possible to block the use of aliases by messaging platforms”.
How to defend yourself
Poste Italiane invites you to “do not open emails or text messages of this type or download attachments”. And to “do not enter UserId, password, personal information and device account codes on Internet sites reached by clicking on the link in an email or text message”.
Furthermore, “Poste Italiane never asks to directly provide personal access data to the website in its communications with customers”.
First rule, therefore, never click on suspicious links. But above all, after any click, never enter your own codes or credentials. The litmus test will be carried out by reading the URL of the site we came across. That, although the graphics mimic the original one, it will necessarily be different from the authentic site address.