How to Identify the New Faces of Telephone Fraud

• Young people have changed their habits, relegated traditional calls and favoured instant messaging, which has opened new avenues for digital fraud. 
• Fraudsters have sophisticated their tactics, taking advantage of the trust placed in bank calls to obtain confidential information and money.

We live in a context of constant connection. In Spain, we spend an average of between three and a half and six hours a day on our mobile phones. On our devices, which have gradually become small computers, we have important information, including our banking data.

Moreover, in Spain, young people spend a minimal part of their time on the phone making traditional calls, an activity largely replaced by instant messaging and social networks.

However, we are willing to talk on the phone in specific cases, such as emergencies or urgent and formal matters. And under this umbrella are, undoubtedly, calls from banking entities for actions such as confirming an operation, scheduling an interview, or reminding the collection of a card.

These calls are, however, a gateway for fraudsters, who pose as bank employees to obtain confidential information and money or carry out banking operations at the fraudster's request.

Vishing: The Voice as a Means of Attack

Cybercriminals employ various strategies to gain the trust of their victims. One of the best-known is vishing, a form of telephone fraud that uses social engineering techniques to deceive victims and obtain personal or financial information. Fraudsters often pose as legitimate entities, such as banks or companies, and use phone calls to convince people to reveal sensitive data.

Unlike phishing, which is mainly carried out through emails, vishing uses the voice as a means of attack. It can also be combined with smishing, which uses text messages to deceive users.

Vishing has evolved and adapted to new technologies, one of the greatest dangers of this scam. Fraudsters have refined their tactics to make fraudulent calls more convincing, taking advantage of the trust people place in telephone communications.

Caller ID Spoofing: Posing as the Bank

Another well-known telephone fraud is Caller ID Spoofing, a technique used by fraudsters to falsify the caller ID number that appears on the recipient's screen. Criminals have detailed knowledge of how online banking works, making customers vulnerable to this type of deception. They use persuasive arguments, often helping to cancel a non-existent fraudulent charge, with the goal of gaining access to the customer's bank account.

The goal of these fraudsters is clear: to obtain confidential data and money. They may request the bank card number or online banking access codes, but sometimes they go further. Some victims have been induced to make payments themselves, under the pretext of correcting an error or recovering stolen money, through immediate payment methods such as Bizum, transfers, or withdrawals from ATMs.

Among other frauds, we can find account verification fraud, prize or lottery scams, fake debt collection, and identity theft, through which they pose as relatives or friends in distress and urgently ask for money.

Protection Measures

In the face of these threats, CaixaBank continuously invests in security, implementing advanced technologies that reinforce the protection of its customers' data and mitigate the impact of scams.

The financial institution advises its customers not to trust unexpected calls requesting personal data and, in the event of any suspicious call, to hang up immediately and contact customer service directly, thus ensuring the neutralization of potential fraud attempts. CaixaBank will never request personal data, usernames, passwords, or codes through any channel. It also recommends verifying the identity of the caller before sharing data, which should never be confidential or sensitive information without prior confirmation.

CaixaBank has also strengthened the security of its online operations and encouraged the exclusive use of its official website and application for transactions. These actions have highlighted the importance of avoiding clicking on dubious links in emails or text messages that appear to be from the bank. This approach not only helps prevent unauthorized access but also contributes to the overall security of the customer when using digital platforms.