Smishing is going full speed in the Czech Republic. And it will get worse

The last date for paper filing of the 2023 tax return was April 2. Even then, cybercriminals were sending out fraudulent SMS messages with alleged tax overpayments, as Novinky.cz warned earlier.

Czechs, however, have a month longer deadline for electronic submission, i.e. until Thursday, May 2. And the computer pirates, who have launched even more massive smishing campaigns in recent days, are also obviously aware of this.

“We have discovered a new smishing campaign that is trying to trick people into their banking identity credentials. “Fake SMS messages purportedly coming from the Ministry of Finance inform the victim of an overpayment or underpayment of taxes and invite them to click on a link,” Avast’s security experts warned.

Cyber ​​crooks strike again. They offer overpayments on taxes, collect the bill

Crime stories

The SMS message itself does not pose a danger to the user, the problem is the embedded link that redirects the trusting person to a fraudulent phishing page imitating the My Taxes portal with the option of logging in using a bank identity.

Bank identity is actually used in similar cases – i.e. when verifying citizens – so even the most observant users may not notice that they are actually serving fraudsters access to their bank account as if on a golden platter. Cybercriminals are then just one step away from laundering the accounts of the trusting.

“If a person fills out a fake login form, they provide the fraudsters with their login and two-factor authentication information. In this way, the attacker can also get into the victim’s bank account and, for example, steal their payment card data, try to make a payment or test the data for access to other services or sell it on the black market,” security experts warned.

Therefore, according to them, people should be very careful and always check whether the link in the SMS corresponds to the real page. This is especially true in the coming days. It is expected that shortly before the last possible deadline for filing income tax, cybercriminals will intensify their activities.

During the current smishing campaign, users can recognize a fraudulent page by internet domain. Until now, fake websites always had the ending .eu instead of .cz. However, it is not excluded that fraudulent sites with a Czech domain will also appear in the coming days.

Phishing and smishing

Last year, there were also fraudulent SMS messages under the heading of the General Health Insurance Company (VZP). It is therefore obvious that cyber crooks do not have to try to deceive the trusting people only through the tax office, but also through the insurance company.

“Some VZP clients have received fake SMS messages on their mobile phones inviting them to make a financial transaction regarding health insurance with the General Health Insurance Company,” warned VZP spokeswoman Viktorie Plívová.

“The content of the SMS is also a link to a fake web address where the alleged transaction is supposed to take place. We advise our clients to ignore these messages and definitely not make any financial transactions through them. The given web address is fake!” the spokeswoman emphasized.

If users click on the link, they will be taken to a fraudulent website that quite successfully imitates the appearance of genuine VZP websites. Fraudsters then demand to log in via a bank identity. At the same time, they claim that it is necessary to get money.

survey

Police officers are constantly informing about Internet fraud and warning citizens to be careful and not to transfer their money to other accounts. The advice is simple. “Don’t trust strangers and if you’re worried about your finances, check your doubts with your bank or on the official phone line that you save in your phone,” Nováková recommended, adding that fraudsters take advantage of people’s gullibility.

The police already warned last month that cybercrime in the Czech Republic is on the rise. “In 2023, the police registered 19,592 crimes that were committed in the Internet environment. This is a thousand more acts than in 2022. Criminal activity in cyberspace is increasing every year and already accounts for almost 11% of the total registered crime in the Czech Republic,” stated Ondřej Penc from the Department of Prevention of the Police Presidium of the Czech Republic.

Of course, the mentioned numbers also include frauds that focus on attracting funds. At the same time, cybercriminals do not have to attack only via e-mail and SMS, but also via telephone calls.

In addition, today fraudsters can spoof the official phone numbers of specific institutions without much difficulty, this is so-called spoofing. Users can thus easily get confused and think they are talking to a bank employee, for example.

Fraudsters are playing journalists

Users should beware of various investment scams in which attackers misuse the name of the news server Novinky.cz. Fraudsters usually attract easy earnings in connection with well-known personalities. In recent months, for example, fake articles featuring President Petr Pavlo or moderator Jan Kraus have appeared.

However, this is a typical phishing scam, where attackers try to extort money from people under the guise of easy profit. However, the scam is quite sophisticated, all the links in the fake article lead to another fraudulent website.

In order to confuse the trusting person as much as possible, cybercriminals in some cases do not want him to immediately fill in credit card numbers or send any money. Everything starts with registration on the given platform, after which the user will be contacted by the platform administrator. It is only with his help that money is coaxed from the trusting. You don’t have to contact him only by e-mail, but also by phone.

Photo: News

Same trick, and it still works. A fake banker lured a man out of over 200,000 crowns

Safety