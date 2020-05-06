In recent days, many people in Spain are receiving an email apparently sent by Social Security, in which the institution “sends a refund” of 345.76 euros, with reference “ES-A80105W”. Thanks to INCIBE’s Internet Security Office (OSI), we know that the campaign is a new phishing fraud with which they intend to defraud the population.

In addition to informing the amount and the reference, this email offers the link in which they pose as Social Security, which apparently leads to the official headquarters with an HTTPS URL, but which in actually links to a fraudulent website with an aesthetic similar to that of the organism.

This is how they pose as Social Security

The real domain points to Italy, with the name opirimini, which is what we should look at when distinguishing between fraud and the official website. The problem is that the fake URL is masked when opened in the browser, and apparently we are in the web HTTPs of sede.seg-social.gob.es, although suspiciously then goes a “-public.net” that bears no relation to the institution.

In her, we will be asked for name and surname, NIF and our card number, with its corresponding expiration date and security number. As INCIBE indicates, “in the current context of health crisis due to COVID-19, with the closure of face-to-face care in services such as those of Social Security, together with the taking of extraordinary measures by public administrations, this types of fraud can increase your credibility. “

Unlike other occasions, this phishing does not include expression, punctuation or spelling errors, so to distinguish it from an email without bad intentions it will be necessary to investigate a little more.

What we should know is that in the first place it is very strange that Social Security communicates with us in this way, and that under no circumstances will they ask us for this type of data without us logging in on your website with our corresponding digital certificate or Cl @ ve PIN. In the entire process of this scam, at no time are we asked to identify ourselves.

