A fraud. Dated, around for a couple of years at least. But still effective. L’Inps had to issue a note in recent days to warn potential victims of an online phishing attempt. Phishing is the technical name with which this kind of scams are made. They are fraud aimed at obtaining someone’s sensitive personal data by pretending to be someone else.
In this case, the scammer pretends to be the national insurance institution. To see it, it is not a refined attempt. Looking at the mial, one suspects that it was not INPS who sent it, although the acronym of the institution appears in the sender’s address. The recipient’s name is not even mentioned, only his email address.
The text states that “the automatic INPS system has indicated that you meet all the requirements and conditions to recover the amount of 615 euros on taxes and / or contributions for the year 2021”. To get them you need to give your bank details. And from there the hypotheses are made various. And the risks go so far as to see the account emptied.
The scam, it has been said, is not new. It has been around for at least a couple of years. And it leverages possible reimbursements to be obtained from the institution. It seems that many have fallen for it. The same Inps in the note writes that it has “received numerous reports from users on this front: one of the most frequently encountered methods is the sending of false emails that invite you to update your personal data or bank details, via a clickable link , to receive credit for payments and reimbursements from the Institute. In some cases the link opens a false page of INPS services “.
No cybersecurity in election programs
by Arturo Di Corinto
The institute lists a long series of possible frauds, carried out with the same principle. One would involve an unsuccessful refund attempt. The alarm was then also raised by Csirt, the Computer Security Incident Response Team of the National Cybersecurity Agency. Others could involve payment reminders for unpaid contributions. Again, as reported by a user to Cybersecurity360, it is a fraud attempt.
INPS reminds that “the Institutefor security reasons, never sends e-mail communications containing attachments to download or clickable links “. So the suggestion is to be wary, whatever the sender. And don’t click. Never.
Safer Internet Day: the decalogue for a secure web