The business of the last fraudster arrested by the Civil Guard was a classic of modern times, one more cybercrime like the 375,506 that were perpetrated last year in Spain.
He was a specialist in the so-called
Man in the middle
(a man-in-the-middle attack, more or less), which basically consists of the bad guy intercepting invoices that a seller sends electronically to a buyer, falsifying them, deviously collecting them, and disappearing, leaving an overdraft.
What made this man from Almeria different was his persistence and disposition: he would send 120,000 fraudulent SMS-type messages in a single day.
But, as the armed institute recounts, if he had wanted to, he could have sent 128,000 every hour.
He had already won 85,000 euros.
The 379% increase since 2016 in computer crimes like this has led the Ministry of the Interior to launch a campaign this week on the networks, where cyberbad guys lurk,
to
warn of fraud on the networks.
And the traps are everywhere.
The work of the last detainee was entertaining.
He first had to investigate his potential victims, usually municipalities, whose providers he took note of to intercept emails with invoices attached.
Normally, they attacked the electronic communications that were going to pass through the FACe platform (General Point of Entry for Electronic Invoices), which allows the charge to be presented to almost any Spanish public administration.
The arrested, with this and other techniques, had already defrauded 85,000 euros.
He had prepared thoroughly.
He had a modem with 208 ports, capable of sending "124,888 fraudulent SMS messages every hour," according to the armed institute.
He had accumulated "holograms with the coat of arms of the Kingdom of Spain to falsify documentation", a POS to make
contactless
payments , three memory cards with more than 400 forged documents and more than 600 prepaid SIM telephone cards.
Two guards in the cyber scammer's office.
On the left, the modem capable of sending 128,000 messages per hour.
What this latest operation shows is that cybercrime is relatively easy to commit, and very profitable.
Hence its strength.
In 2022, the State Security Forces and Bodies recorded 375,506 criminal offenses, 72% more than in 2019, before the pandemic, the year taken as a reference.
The vast majority are frauds or computer scams, which last year represented a total of 336,778 crimes (89.7% of all cybercrime and 14.5% of all crime).
If compared to 2016, when 70,178 cyber-scams were registered, growth in these six years is 379.9%, according to last year's crime report, which was presented the week before.
Last Friday, Interior warned about the danger of cyber-scams of false job offers and cheap rent, having detected an increase in them, in which information is required from job applicants that allows them to impersonate their identity or steal their passwords. banking.
The following day, a criminal group based in Galicia dedicated to the
sextortion
of users of contact pages fell, which had given
sticks
to users from Béjar (Salamanca), Talavera de la Reina (Toledo) and Tomelloso (Ciudad Real), for example.
This same Monday, the National Institute of Cybersecurity (Incibe) warned of the detection of a campaign of fraudulent messages through false SMS in which the client is informed of a charge in his Bankinter or Targobank account and that it has been blocked.
And the Hospital Clínic de Barcelona is still suffering the consequences of the hijacking of its computer system, which took its administrative procedures back to the last century.
Hence the unodecadacinco campaign, because one out of every five crimes that we suffer in Spain is perpetrated by someone hidden online.
The alert focuses on the increase in the main businesses of
cyberbad guys
:
sextortion
,
phishing/smishing
, CEO fraud (very similar to the one arrested in Almería), kidnapping by
ransomware
and fraudulent electronic commerce.
In general, experts regularly point out coincidences that indicate that a message, an SMS or an email is the start of a scam: the urgency or haste with which the fraudster usually claims, the maneuvers to avoid meeting in person in any way and, above all, do not download anything at all.
The most common cybercrimes are, according to the description of each one made by the Ministry of the Interior:
The sextortion.
Blackmail that is committed against a person under the threat of publishing or spreading images of their privacy.
Grooming is called: harassment and sexual abuse of a child or adolescent carried out through the network by an adult who pretends to be a minor to gain the trust of the victim.
Phishing/Smishing.
Actually, it is bait to see if someone bites, hence this modality is called fishing.
It consists of sending emails or SMS messages that impersonate the identity of an institution or company to extract personal and confidential information from the recipient.
In this modality, false job offers come in, most of them too good to be true.
Here the key is to achieve the identity of the recipient.
To do this, hundreds of thousands of messages are sent daily.
Someone will take the bait.
CEO fraud.
Very fashionable and closely related to the man from Almería, although different.
It is a trick to the employees of a company with the ability to access financial resources to make a payment or a transfer to a fraudulent account.
Ransomware.
Perhaps the most massive and dangerous when he hits a target.
It consists of the introduction of malicious software that blocks access to the computer or computer system, until a payment is made by the victim to unlock and recover files.
This kidnapping of data for ransom has just been suffered by the Hospital Clínic de Barcelona, which shows that the main targets are sensitive institutions, with confidential information and whose activity is seriously compromised by the kidnapping.
Fraudulent electronic commerce.
Criminals create web pages with a false offer of products for amounts below market prices, sometimes supplanting legitimate businesses, with very well elaborated and camouflaged copies of sales websites.
The products that the victim buys never make it home.
Love/Romance Scam.
They are contacts through social networks or specific contact platforms with the intention of obtaining economic benefits under the simulation of a sentimental relationship or falling in love with the victim, "who is almost never aware of the deception."