Cyberattacks are still the norm. Network criminals use phishing and mishing to pretend that they are a bank, steal data, or money directly from accounts.

In recent weeks, one such case occurred. It is a scam that could potentially affect customers of BBVA or Unicaja. The Internet Security Office (OSI), in an alert, warns users not to fall for the trap of receiving an SMS from a different bank that appears to be from an entity.

OSI has issued a warning regarding an SMS that supplants BBVA. It is specifically being sent to Android phones, informing them that their version of the mobile banking update is not compatible, and encouraging them to follow a link. The malicious app downloaded from the URL is able to infect your device and take control of your data.

Fraudulent SMS sent on behalf of BBVA / IDEAL

OSi also issued a notice about a smishing issue, in which the identity used to send fraudulent SMS was revealed. They supplant Unicaja Banco and Liberbank. They send users a message to inform them about blocking an account to prevent fraudulent entry. However, it is a deceitful message: the cybercriminals want data and bank passwords to include and get their hands on them.

Don’t provide banking or personal information to web pages accessed via a link in an email, SMS or other communication.

Review the SMS link carefully to see if there are any unusual characters or words.

BBVA will not ask for your One Time Password (OTP), codes by mail, phone, or SMS. These codes can only be requested by the bank in its official applications or in certain processes that require them (e.g. unusual transfers).

Be wary of alarming messages with a urgent tone or misspellings or typos (“should”)

Never respond to suspicious messages.

Secure web pages start with https.