If you have a checking account at La Caixa, you should be very careful. And it is that in the last hours it has been known that a scam is circulating that tries to steal the access password to the users' virtual office , in addition to other extremely sensitive data. The Internet Security Office (OSI) of the National Cybersecurity Institute (INCIBE) has just alerted of a new campaign of fraudulent emails in which users are made to believe that the bank is asking them to take certain actions to protect their Privacy. It is, logically, an absolutely false message, whose only purpose is to steal the credentials of users: your credit card details and verification codes that allow you to carry out certain operations. A full-fledged phishing scam . Open your eyes wide: not everything you see is real.
But how do I know it is a scam and not a real message? First of all, you must be clear about one thing: La Caixa (and no other bank) never sends email messages to its clients to alert them to security issues or other issues related to their bank accounts. In any case, what you can receive are advertising messages or SMS indicating that certain operations have been carried out (such as, for example, that your payroll has been entered, that a receipt has been collected or that there is not enough balance in your account). In any case, it will be communications that you have configured yourself. In any case, and if you are not very clear about where the message comes from, it is best to ignore it and delete it directly. In order for you to be warned, you should know that the scam that is currently circulating is in the form of an e-mail and the subject reads "LaCaixa Online Security" . The text of the email in question informs the user that there have been several incorrect attempts to access their account and that for that reason, the administrative protocols have been activated that will allow them to restore the service with their data.
If you are a client of this entity, you will know that this is an unusual practice by La Caixa. You should know that, if someone tries to access your account several times without success, the entrance to your Virtual Office of La Caixa (Línea Abierta) would be blocked and you could only undo the block by physically going to your trusted office.
In any case, many users may fall into the trap , because the fraudulent page imitates the official page of La Caixa with some fidelity . This is precisely what a phishing attack consists of . Be that as it may, and in the face of this and other threats that may come in the future, we recommend:
1. Ignore the messages that supposedly come from your financial institution . If you have any questions or want to know a service, contact your manager by phone or going to a physical office.
2. Directly delete any message that seems fraudulent to you and notify your financial institution so that they can get down to work and confirm that, indeed, it is not an official message.
3. Always check the address that appears at the top of the browser . It will not be secure if https is not indicated instead of http.
4. Be wary of any email or page that asks for your bank details to solve certain security problems. Even more so if the request occurs in the contexts indicated above.
And you, have you also received this fraudulent email? Tell us about your experience in the comments!