In August of last year, “Jorge” had published a tractor for sale through the Facebook Marketplace platform.
A supposed interested party contacted him days later and asked him for some information to deposit a down payment and ensure the purchase of the vehicle.
On September 18, “Jorge” received a receipt on his phone of the pre-planned transfer of funds, although he verified his account and observed that nothing had been credited.
The alleged buyer contacted him and told him that there had been an administrative problem and that they were going to communicate with him from the Nación bank. And that everything was going to be solved from an ATM.
That same day he received an email from Red Link, warning him that an advisor was going to contact him to “activate” the movement of money. There was a call and they took him to an ATM, where the scam was finally carried out.
“Jorge” is the fantasy name of a Malvinas Veteran who lives in Punta Alta, is elderly, disabled and only has a pension as a former combatant to survive – he discovered that he had lost the 16 thousand pesos that he had in his box and that in his name they had taken out a loan for 270 thousand pesos.
To Córdoba and Santa Fe
Following the rigorous complaint, it was discovered that the funds had been transferred to two accounts located in Córdoba and Santa Fe.
In November, the Veteran asked the bank to stop debiting the loan installments, but did not receive a favorable response.
The judicial case went from ordinary to federal justice -because the Nation was the entity involved- and Federal Court No. 1 ordered a precautionary measure to suspend the quotas, although the bank filed an appeal to argue that the entire operation had been regulate and now the issue must be defined by the Federal Court of Appeals.
The attorney general before that body, Horacio Azzolín, who is also head of the Specialized Prosecutor’s Unit on Cybercrime (UFECI), set a ruling rejecting the proposal of the Nation, Punta Alta branch.
“We especially value the hypervulnerable condition of the client (elderly, Malvinas veteran and with a disability generated in the war conflict), whose only income was his former combatant’s pension that was deposited in that bank,” he said.
“Business” and forms
Azzolín warned that the bank did not inform the client “what were their alleged obligations as a user in terms of not handing over their credentials, not even to alleged operators of the entity who come forward after usurping an identity in a temporary context where the cases are they had been increasing for months. “
He also said that the bank should provide “access credentials and a second authentication factor (token), have implemented security alerts and detection systems that allow verifying if the account was accessed from a different device.”
He also remarked that the entity must detect when a client performs operations that do not correspond to their usual profile, such as obtaining a credit through electronic channels and its immediate transfer to accounts that it did not even have attached to.
Tales of the uncle: a failure that can be useful for dozens of people from Bahia scammed
“It is not a question here of affecting the function (and the business) of every bank of lending money and earning with interest, but of asking if the appropriate way to do it is this, immediate and without controls in an environment (that of the internet) risky in itself, as indicated by the Central Bank, “the prosecutor added.
What are the recommendations
The maneuver developed by cybercriminals consists of attracting the attention of users to get their personal data and thus steal money, make purchases with their cards or request quick loans.
They contact them through social networks, emails and / or phone calls offering alleged promotions, the solution of an operational problem or special benefits and ask for personal information.
In order not to fall for this type of scams, the UFECI recommends not sharing passwords or generating new ones at the request of a supposed representative of the bank and not giving confidential data by phone, or by email or text message.
They also advise always entering homebanking through the bank’s official website and not through search engines; Do not go to the ATM if requested by phone and verify that the social network accounts of the banking entities have a blue check mark for validation.
They also warn not to provide personal or bank data to alleged bank representatives, not to make transfers or other operations in exchange for future benefits and to inform the bank if contacts are made from an unofficial channel.
3000% increase in pandemic
Virtuality. In 2020, according to the Specialized Cybercrime Fiscal Unit (UFECI), crimes of these characteristics grew by 3000% compared to 2019.
phishing. This type of operation, like the ones suffered by the Puntaltan neighbor, is called pishing or identity theft.
Appropriation. It is a social engineering technique used by cybercriminals to fraudulently obtain confidential information from users and thus steal the identity of that person.
Modality. The authors send fake emails as a hook to “fish” for passwords and valuable personal data.
– .
