A case of phishing in the Valencian courts

A case of phishing in the Valencian courts

The “Phishing“is one of the main cyber-attacks suffered by companies and individuals and although it is not the first time we talk about phishing in this blog, it is worth remembering what it is and how to recognize it.

Phishing is the sending of an email by a cybercriminal to an email account, pretending to be a legitimate entity (banks, social networks, public entity, etc.) with the aim of stealing confidential information from the recipient to use it and obtain an economic benefit (card charges, purchases, etc.) at the expense of the affected party or infect their device. To achieve this, they send infected files or links to fraudulent websites as attachments to the email.

As we have pointed out on other occasions, to avoid them it is important to always be vigilant about incoming emails from a cybersecurity perspective.

How to recognize a phishing case

One of the most common phishing cases nowadays is the one related to banks; any of us receive a fraudulent email from our bank, they make us believe that they need our credentials, we enter a link from the email itself, and we give them the information in a matter of seconds, without even being able to imagine that we will be scammed.

Well, phishing can be detected by paying attention to the following:

Spelling and writing:

Identify if there are any misspellings or disjointed wording due to the use of automated translators.

Verify the e-mail address:

It must be confirmed that it is real and that it matches the address of the entity or the person it claims to be.

Make sure that there is no difference, not even in a single letter, with the official website of the person who is supposedly sending the e-mail.

Analyze what is being requested

Banks never request login credentials or data by SMS email.

Any urgency is an indicator of phishing.

Analyze what is sent to us

Never download attachments or click on a link inserted in the e-mail if you are suspicious.

Despite the fact that the preventive security measures described above are already known to all of us, phishing cases continue to occur again and again on a daily basis, as cybercriminals are becoming more sophisticated and more difficult to detect.

A case of phishing in the Valencian Courts

The Court of First Instance and Instruction number 1 of Moncada (Valencia), has sentenced a Bank to return to a client 5,895 euros, after having suffered phishing in her bank accounts. The sentence is dated May 31, 2023, in the ordinary procedure 848/21.

It all happened through a fraudulent email that appeared to come from the bank where the person had his accounts, requesting his personal data and passwords, which were provided.

The important thing about this sentence is that the Judge considered that the bank had failed in the security measures adopted to avoid this type of fraud, despite the arguments made by the bank which, as always, alleged that the charges to the customer’s card were made correctly since they were authorized by the customer’s personal passwords, there having been no error or technical failure on the part of the bank, and that in any case, it was the “negligent conduct” of the client that allowed the fraud to take place, for not having acted with due diligence.

Well, the Judge of First Instance concluded that the bank had not complied with the bank account contract, in addition to the fact that it could not prove that the client had acted fraudulently or with gross negligence, so that it was sentenced to return the defrauded money, as well as ordered to pay the costs.

The Judge added that the banks should be the ones to detect this type of fraudulent actions and not leave the burden of proof to the user, since they are often defenseless against the banks.

It should be recalled that the Supreme Court, with respect to the duty of self-protection of electronic banking users, in its reiterated jurisprudence, has determined that the victim cannot be blamed nor can a duty of protection be opposed, the only exception being that gross negligence on the part of the user can be proven by the bank or entity providing the service.

How to defend ourselves

In addition to this sentence that can help us to recover the lost money, the best defense is to be suspicious of everything you receive and before opening a document or clicking on a link/link, correctly identify the senders of the emails and confirm if they are trustworthy and if in doubt make a second verification by contacting by another means other than email with the person who is supposed to have sent it to us.

Business Adapter® at your service

If you have doubts about whether you are suffering a cyberattack, ask your consultant for help or contact us by email: info@businessadapter.es, you can also call 96 131 88 04, or leave your message in this form:

[su_button url=”https://businessadapter.es/contacto” target=”blank” background=”#f6f903″ color=”#181818″ size=”7″ center=”yes” icon_color=”#000000″]Contact us, we will be pleased to help you.[/su_button]

Contact us, we will be pleased to help you.
error: Content is protected !!