In Valencia

The National Police detain a man who obtained data from more than 4,000 bank cards using the smishing method

It created fraudulent web pages similar to those of the Tax Agency and Correos and sent massive messages requesting sensitive information § It came to have 431,000 telephone numbers acquired on the “Dark Web”, the place on the Internet where illegal products are bought and sold, through bitcoins

Once the confidential data of the victims was obtained, it was entered into an application to operate in shops and ATMs.

29 telephones, 56 prepaid cards, 3,520 euros in cash, two laptops, 14 tickets from a bank, a train ticket, a hotel check-in form and two hard drives were intervened in the registry.

13-January-2021.- National Police agents have arrested a 25-year-old man in Valencia as the alleged perpetrator of a crime of fraud after obtaining, through the method known as smishing, data from more than 4,000 bank cards to buy in different shops and withdraw money at ATMs automatic. The investigations began in October when a commercial establishment informed the agents that a male made purchases with different card numbers from different Spanish banks. Due to these facts, the agents verified that he stole bank information through computerized techniques to operate with them.


During the investigations, the agents found out that the criminal network was divided into two different stages. At first, the detainee used the modus operandi known as phishing, in turn separated into several phases. Prior to the scam, the man obtained the services of a VPN for a month. It is a software created to protect privacy, as well as anonymity, and in which the owner does not need to be identified for hiring. Likewise, this business is usually based in countries where there is no police collaboration, which makes the investigation very complex.

Subsequently, he acquired domains with similar names from the Tax Agency and Correos, making his victims believe that he was operating with the original websites. Thus, users accessed fraudulent pages such as, and Finally, within these Internet portals, he inserted forms for the victims to enter their card details. In this way, he obtained information such as the identification number, the PIN, the CVV and the expiration date.


In the second stage of the plot, through the smishing tactic, he sent more than 170,000 messages to Spanish telephones that pretended to come from the Tax Agency, Correos and different banking entities with the aim of misleading his victims. Thus, the person received the text message believing that it came from an official site, so they entered their data in order to unblock an account, pay customs for a package withheld from the post office or release the payment of the income statement. . Always assuming the reliability of the supposed sender.

During the investigations, the agents learned that the investigated used an application to send massive messages, distributing them in large numbers and in less than a second. Specifically, 31,147 shipments pretended to be the Tax Agency and 140,345 Correos. Within the text, the alleged scammer sent the link to the fraudulent website to capture the sensitive information of his victims. In addition, the agents verified that the suspect had 431,000 phone numbers acquired on the “Dark web”, an Internet space where illegal products are bought and sold using bitcoins.

Once he had in his possession the bank details of the victims, he dumped the numbering of the cards in a mobile payment app, which in turn was associated with several terminals of his property. Finally, he used mobile phones to make purchases and withdraw money from the ATMs of the corresponding banks of the victims.

Frustrated millionaire fraud

The rapid police action prevented the fraud from becoming a millionaire and with thousands of people affected. So much so, that in less than a month it obtained the data of more than 4,000 bank cards. According to the investigations, the scammer had all the resources to deploy the fraud on his own and acted alone, although the agents learned that he was part of a virtual community from which he obtained advice to commit crimes without being discovered.

The police searched a room in a central hotel in Valencia, which turned out to be the current address of the alleged perpetrator. In this place, a total of 29 telephones, 56 prepaid cards, 3,520 euros in cash, two laptops and two hard drives were intervened. The detainee, who had no police record, entered prison.


Due to the similarity of the web pages created by the suspect, it is relatively easy to be deceived. To avoid this type of scam, it is recommended to check that the Internet portal address is secure and that it begins with https. Also, it is important not to open or reply to messages from unknown users, in addition to taking due precaution when following links and downloading attached files. Likewise, never give confidential information through emails.

Source of post