New phishing campaign posing as Spain's Tax Agency

Luis Corrons 11 Nov 2022

Never click on any links in emails, SMS, and messaging platforms – especially if the message urges you to take some immediate action.

There’s a brand new phishing campaign on the run in Spain that poses as the Spanish Tax Agency, Agencia Tributaria

The phishing attempt starts out via a fraudulent SMS that notifies victims of a supposed reimbursement that they qualify for. According to the SMS, all they need to do to receive the reimbursement is to fill out a form on the agency's website.

When the user clicks on the link, it redirects them to a page posing as the Tax Agency and asks for their credit card details, including the CCV and PIN codes.

It's important to note that while this phishing attempt tries to mimic the agency’s real website, it really lacks most of the genuine website’s functionality. For example, it’s not possible to change the language of the site, although the option is there.

When the credit card info is entered by the user, it appears that the site processes it.

Finally, it asks victims to enter a code that they’re supposed to receive via SMS (which the victim never gets), or alternatively, to open their mobile banking app where they’re supposed to get a notification of the reimbursement.

Of course, there will be no notification or SMS code received – these are both simply parts of the phishing attack at work.

A few tips to avoid falling prey to these scams

  • Never click on any links in emails, SMS, and messaging platforms – especially if you don’t know the sender or if it urges you to take some immediate action.

  • Pay attention to URLs, as phishing websites use URLs that don’t match those of genuine sites.

  • If you think the message can be real, navigate directly to the original website from your browser.

  • Use a security solution on your device to protect you against malware and phishing sites.
--> -->