“They impersonated me and I ended up in jail,” says Mohamed Kadari, 25 years old and from Olesa de Montserrat (Barcelona).
During the pandemic he was looking for work and saw a good offer as a transporter on the Indeed app.
“They selected me right away and needed ID and driver's license on both sides, bank account and membership number,” he explains.
He sent it and they never called him or heard from him again until in June 2022, when he woke up, the local police went to his house with a court summons.
The summons was from Elche (Alicante), he called the court and they told him that they had a complaint for fraud: “Who have I scammed?” he asked.
They told a woman for a tourist rental of about 900 euros.
It was not true.
Someone had impersonated her identity in a bank account with only her name and ID number.
She was supposed to testify one day by videoconference but, after hours of waiting, she was suspended.
From Elche they mistakenly declared him wanted and captured.
Kadari showed up at the police station: “They took my clothes, they took my fingerprints, photos.
They put me in the cell and took me handcuffed in a car to testify.
The behavior of the
police
was great,” he adds.
Kadari's case is still open.
With his name there was another scam already dismissed in Murcia and at least another account in his name has been found in other banks.
Kadari's misfortune probably has to do with his origin: "I have handled similar cases and they are immediately filed," says his lawyer, Tania Ferreras.
“My experience tells me that it is because of his name,” she adds.
Kadari's case is just one of the 335,995 reports of cyber scams in 2022. It is the type of crime that has grown the most in the last decade: between 2015 and 2022, they have gone from 3% to 15% of reported crimes, according to the Ministry of the Interior.
They are the second type of crime with the most complaints after theft.
Its impact is even greater because many cyber scams go unreported.
Mohamed el Kadari, victim of an identity theft cyber scam.Albert Garcia (Albert Garcia)
This week the CIS published a survey where almost half of Spaniards admitted to having suffered a cyber scam attempt.
It is likely that this figure is higher: who has not received an SMS to pay “fees” for a package, a Whatsapp from an Indian number or has seen a fake advertisement from a celebrity?
All this growth has a simple explanation: there is more cybercrime because we are more digital.
“It is closely linked to the use of technology,” explains Steven Kemp, professor of Criminology at the University of Girona and author of a recent manual on cyber scams.
“There is a correlation with daily activities, which put possible offenders and victims in the same space.”
The most common cyber fraud involves identity and access to bank accounts or cards, Kemp says.
But the ones that make the most money per victim, not counting those that affect companies, are the romantic or investment ones.
None of this has much to do with technical sophistication.
“Frauds are being perfected from a social perspective, not a technical one,” says Fernando Miró, director of Crimina, a center for the study of crime at the Miguel Hernández University.
Previously, robbery implied physical presence.
Now it is enough to put millions of hooks to see who bites.
And there is a sector of the population that is more prone: the elderly.
An oversight and 233,000 euros less
In September of last year, an elderly farmer from a town in Aragon was looking for how to invest in cryptocurrencies.
He does not remember which link he clicked on or which platform he saw it on, but he “invested” 5,000 euros.
“Then they told him that he was uploading a lot and that to see it he had to download a service called Anydesk,” explains his lawyer, Carlos Solano, from Ardiciber, a firm specialized in victims of cyber scams.
Anydesk allows you to take remote control of a device.
He downloaded it to his cell phone.
In ten days in October they cleaned 233,000 euros from his account with transfers of 15,000.
They were the savings of a lifetime.
His money, meanwhile, circulated through Lithuanian and Polish accounts and banks.
The criminals couldn't get enough.
Then they wrote to him, always on WhatsApp, alleged employees of a British bank: “They told him that they had the money, but that he had to pay 20,000 euros in fees to get it back,” says Solano.
The farmer asked colleagues for the money because he had nothing left.
The criminals with access to his bank account also requested a pre-granted loan of 30,000 euros.
“Sometimes they wrote to him in Italian or Polish by mistake.
They have a
call center
and they must be scamming all of Europe,” says Solano.
The messages ranged from those calling him “love” to those offended because he accused them of being “scammers.”
Artificial intelligence will help perfect these methods and with better translations.
In the case of this farmer there was also an emotional connotation: he sent back messages showing his tractor and his fields, to share it with that someone on the other side.
He has a hard time recovering what he lost.
Steven Kemp, professor of criminology at the University of Girona, photographed at the Faculty of Law.massimiliano minocri
This crime is very similar to organized work: “They are professionals, they have a division of labor, there are some specialized in gaining access, deceiving, moving money,” says Kemp.
There are also countries with specialties: in India there are more
call centers
, in Ghana and Nigeria they deal more with romance scams and launder them thanks to their diaspora around the world, and cyber scams that require more technological knowledge can come from Eastern Europe.
This scammed farmer is older, but still working.
His life in a remote town and his probable lack of digital and social skills, however, make him easy prey: “There are many crimes that probably occur with a higher frequency than we consider,” says Nieves Erades, professor at the Miguel University Hernandez.
It happens with people who are “in a vulnerable situation, closely related to loneliness or a certain exclusion and also have a certain economic stability,” adds Erades.
The elderly have gained fame as favorable victims of cyber scams.
But although they may be the majority in economic value, they are not in number.
The victims are spread across all age groups: “In terms of volume, it affects more young people.
"Whoever plays video games more, whoever is more active online has a better chance," says Kemp.
Scams in advertisements
Virginia clicked on an Instagram ad that promised to earn 100 to 500 euros a day: “I got tons of them, tired of seeing them, I clicked,” she says.
Virginia, who is unemployed, prefers not to give her name because neither she nor her partner knows it.
Her announcement took her to WhatsApp.
There she spoke to a certain “Charles”, with an avatar photo of a boy in a suit: “I am a woman and he spoke to me in masculine.
There were words that I didn't say well, but I didn't give it any more importance until I saw strange things,” she says.
Cyber scams usually move quickly.
Before long, Virginia was posting 5-star reviews on a fake website for a famous supermarket chain.
For each review she was given 5 euros, which was added to her account.
“I had to do 40 tasks a day, but the bad thing is that on task number 5 you get an 'order' that costs 300 euros and the account goes negative.
To get it positive you have to enter them.
If not, you lose what you have accumulated, all that money that is mine stays there,” she explains.
That money did not exist.
He could only withdraw money if he deposited his own first.
Virginia entered until they asked her for 3,000 euros that she did not have.
She paid up to 800 using a credit card and walked out.
During the days that she “worked,” they put her in a WhatsApp group where there were dozens of positive messages written from fake numbers, but with real identities.
EL PAÍS has verified names of real people with fabricated messages.
Everything helps convince the victim that it is not a scam, even if it seems like it.
Who can do more
Cyber scams have almost stopped being in the news, but the problem is growing.
As in other crimes, there is a tendency to think that the police and prison are the solution.
But in this case it does not seem that way for the majority of cases: “A part of the penal system is based on penalties deterring future criminals.
But if too few sentences are achieved, the penal system does not deter and is not appropriate for this problem,” Kemp says.
“They are of no use,” adds Miró.
Both focus on large digital platforms to mitigate the problem: “They must do more to protect consumers,” claims Kemp.
The new European Digital Services Regulation “considers cyber-fraud a systemic risk,” says Miró.
“That is key because it establishes that platforms evaluate and manage risks,” adds Miró.
If not, sanctions will come.
There are videos with millions of views on YouTube about how to break a cell phone pattern, millions of fake messages circulating on WhatsApp or Telegram, and tons of ads on Instagram, X or TikTok that are not transparent or lead to pages that facilitate scams or directly They steal passwords or banking credentials.
The paths of cyber fraud are extensive and do not stop growing: “Service providers are architects of cyberspace, they are not just vigilantes, they build the way we relate,” explains Miró, who met with Google a couple of months ago to analyze the growing scams for the elderly.
“Providers must take responsibility for these things.
“They cannot allow the user to access it freely and easily.”
“We have to be very careful with the information we share.
If we don't leave our ID on the street with anyone, why do we happily send images of it on the Internet to the first person who asks us for it?" warned Inspector Beatriz Gómez Hermosilla, from the Central Cybercrime Unit of the National Police, when introducing herself. Interior data.
“I'm terrified of touching my cell phone.”
One reason for not reporting cyber fraud is shame, looking stupid.
But the attack can come in more ways than imagined.
María's cell phone was stolen on a bus in Zaragoza at 2:00 p.m. on a Friday in January.
She had it locked with a pattern and she did not have the
ING
app downloaded.
Just six hours later, she had 15,000 euros less in her account at that bank.
The criminals downloaded the app and entered her profile with her ID number and date of birth.
They created another account at ING to transfer the money and requested a visa, which they immediately used virtually.
They also tried to enter her other bank without success: “They got into everything, the photo gallery, WhatsApp, programs that I had, everything to see what they found,” she explains.
When María duplicated her SIM card, the old one lost service and there she regained control.
ING has returned 4,000 euros, but María cannot explain why the bank did not put more layers of security.
The ID with which they opened the new account was expired.
She was not notified of her transfers.
Calls to customer service were in vain.
Banks have managed to move millions of users from offices to the internet, now they must start doing more to monitor fraud, specialists say.
To rob a bank you no longer have to wear a balaclava.
María also does not want to give her real name because she has not told what happened to her parents or in-laws: “I am not prepared to talk about this because I am anxious.
I'm terrified of getting on a bus, of touching my cell phone;
I was one of those who left my cell phone and could go four hours without using it, and now I hear the cell phone move and I go crazy thinking that it is a transfer that I have not made.
“She thought she was safe,” she laments, in a reminder that times have changed.
What to do to minimize risks?
Act with "rational distrust" and common sense when faced with offers or messages from unknown sources.
Never click on a suspicious link and verify the attachment with the sender.
Check the sender on emails and SMS.
Monitor the times at which suspicious messages are sent, if you pretend to be in Spain and send in other time zones.
Do not pay attention to the sense of urgency that is expressed in the messages.
When you receive a very tempting offer, it is better to be suspicious: if a stranger offers a deal that is too good to be true, it is probably false.
Do not always assume that your interlocutor via web, email or social network is who they say they are.
Look carefully at the URL address of the websites to make sure they are not fake.
If you receive an SMS or email asking you to update your bank, card or account information, do not answer or fill out forms of any kind.
It's not that easy to flirt, no one falls in love in two messages on networks or SMS.
Never offer personal data over the Internet, unless it is on completely trustworthy sites.
Never provide bank details without making sure that it is the company or entity in question.
Never provide information on cards, identification documents, tax returns, payroll, usernames, codes and passwords.
Use “quality” passwords (with letters, numbers and other characters).
Change them periodically.
Do not enter the card number on pages with sexual or pornographic content, where it is requested as a pretext to verify the age of majority.
Use extreme caution with the files you receive in chat sessions.
You can follow
EL PAÍS Tecnología
on
and
X
or sign up here to receive our
weekly newsletter
.