CERT-AGID has detected numerous smishing campaigns targeting INPS users. Recently, a particularly threatening scheme has emerged, where scammers are intimidating victims with alleged legal consequences related to their tax declarations. Users receive SMS messages that lead them to a phishing page designed to steal personal information, including identity documents and bank details. Affected: INPS users, CERT-AGID, financial sector
Keypoints :
- Numerous smishing campaigns are targeting INPS users.
- Scammers are adopting a more aggressive intimidation approach, threatening legal consequences.
- Victims receive SMS messages prompting them to click on a phishing link.
- The fraudulent website mimics official elements and requests sensitive information.
- Identifiable personal documents include identity cards, health cards, and pay stubs.
- Stolen data is often used to create digital identities for illicit purposes.
- CERT-AGID has initiated countermeasures against this campaign.
- Users are strongly advised to verify the authenticity of suspicious messages.
- Users should report dubious communications to CERT-AGID.
MITRE Techniques :
- Phishing (T1566) – Scammers send SMS messages that appear authentic, leading users to a fraudulent website.
- Credential Theft (T1552) – The phishing page requests personal details, including bank account information.
- Data Manipulation (T1203) – Stolen personal documents are utilized to create false digital identities.
Indicator of Compromise :
- [URL] http://malicious.com/path
- [Email Address] malware@cert-agid.gov.it
Full Story: https://cert-agid.gov.it/news/smishing-inps-nuova-truffa-minaccia-conseguenze-penali/
Views: 68