It is not surprising that cybercriminals take advantage of every moment to deceive users by sending SMS or emails, which are nothing more than a simple message. scam. On this occasion, without any ethics, they took advantage of a catastrophe like the one that occurred in the Valencian Community, Castile-La Mancha and Andalusia because of DANA to impersonate Aemet and send an SMS to cell phones causing chaos.
THE State Meteorological Agency (Aemet) alert via its X account (formerly Twitter) that several users have received an alleged warning issued by the meteorological agency itself regarding the false warning of a “severe storm”.
“Some users report having received SMS messages supposedly from Aemet, accompanied by a link. This is false,” reports the institution via its social network.
⚠️IMPORTANT | Some users report receiving text messages purportedly from Aemet, accompanied by a link. This is false.
Aemet NEVER sends text messages. If you receive a similar message, DO NOT OPEN THE LINK. Our app can only be downloaded from official stores. pic.twitter.com/OfetrTphlU
– AEMET (@AEMET_Esp) November 11, 2024
However, as Aemet herself recalls in her tweet, The agency never notifies about these alerts by sending SMS or any other type of alert to cell phones.but the person responsible for issuing these alerts on the meteorological situation is Civil defense. “Aemet never sends SMS messages. If you receive a similar message, do not open the link. Our application can only be downloaded from official stores,” says the State Meteorological Agency.
In these alerts that only Civil Protection sends and which will reach you, whether your cell phone is in silent mode or on ‘Do not disturb‘, it is reported on the the risks of the meteorological situation and the steps to follow. This is the ES-Alert system.
How to detect an SMS scam
This SMS spoofing technique is called smashing and it is very common for cybercriminals to use it to pose as Public administrations, banking entities or parcel delivery companies.
In the case of this scam in which Aemet is impersonated, it should be noted that the SMS ends with a false link “https://aemet.blog”in addition to the multiple spelling mistakes and lack of accents which are observed in the message and which no one commits in official communications.
If you clicked on the link, downloaded an application or entered your banking details, it is best to Contact your bank as soon as possible and file the corresponding report with the police..
Other Recent Scams Using smashing
In August, a very notorious scam took place due to DGT impersonation, in which users were informed of a fine for unpaid traffic. When accessing the link, personal and banking information had to be entered. As if that wasn’t enough, the same thing happened a month and a half ago with the Social Security Treasury impersonation. In this case it was with the sending of a letter in which users were informed of a supposed increase in their benefits and pensionsfor which personal and banking information was necessary in order to make the payment effective.
Never access any link that arrives on your phone by SMS or email, nor if it arrives by letter. In addition, it is practical take a screenshot of the message or email on your mobileto safeguard it against any unforeseen event, and delete it automatically.
