It is not the first and will not be the last. Let's talk about the fraud that is turning strongly on the Net and that in these days of emergency fatigue Coronavirus could be very misleading and therefore allow attackers to take possession of sensitive data of unsuspecting users. Yes why there is talk of INPS and the € 600 refund that we have seen the current government has allocated for all self-employed as VAT numbers to counter the Coronavirus emergency. In this case, as often happens, the hackers decided to take possession of the topic exclusively to create a series of e-mails ad hoc phishing capable of capturing the attention of less experienced Web users.
INPS: these emails are not true. Warning!
The alarm is triggered directly INPS which on its website has set up a section in which it specifically explains that the emails that are reaching multiple users have not been sent by the Institute but by malicious hackers who want only and exclusively to capture sensitive data of who will reply. Here is the text of the INPS message:
'' INPS warns users that an attempt is being made to defraud them via phishing emails aimed at fraudulently stealing their credit card number, with the false reason that it would serve to obtain a refund or payment of the 600 euro bonus. All users are invited to ignore emails proposing to click on a link to obtain the payment of the 600 euro bonus or any form of refund by INPS. Please note that information on INPS services can only be consulted by accessing directly from the portal www.inps.it and that INPS, for security reasons, does not send mail containing clickable links in any case.''
So how does the fake INPS email scam work?
Basically, hackers send emails to unsuspecting users who receive them "masked" with similar or misleading logos and layouts compared to those of INPS. Here is the text of the email invited to click on a certain button (or link) which automatically refers to a page which is also masked where the user must enter their data here. In particular credentials of your bank account are requested here so that we can process the direct reimbursement of the € 600 required by the Government. Nothing could be more false since, at this point, once the credentials have been obtained, the hackers can act directly on the account of the unsuspecting user to whom money can be stolen in a few minutes.
Yet another Phishing scam i.e. false emails that are disguised by official national bodies or even others are exchanged by unsuspecting users revealing their sensitive data, clearly jeopardizing their bank account or even their identity.
How to defend yourself from phishing scams?
The phishing strategy created today by hackers it is very often not easy to undertake especially for those who are not so expert on the web and its risks. In this case the advice that can be given to avoid this type of scam is to carefully read the text of the email because it may often contain some translation errors or even incorrect sentences. Not only, if there is a link or some button to click on, it is necessary not to even if the email seems to have a truthful aspect. Also important observe the sender's address in detail because it often happens that this is anomalous compared to the text of the email or even to addresses, perhaps of banks or institutions, that you know.
