Cybersecurity

Rain of text messages in the name of Inps and with fraud embedded. Here's what happened

The Inps itself is raising the alarm these days. It is yet another attempt at large-scale fraud

28 May 2024

4' min read

Rain of text messages in the name of Inps and with embedded scams. They are targeting citizens' data and, potentially, their money. The Inps itself is sounding the alarm these days. It is yet another large-scale scam attempt to exploit the name of Inps and this time it is taking advantage of the recent single and universal cheque, which takes the place of the citizenship income and therefore targets disadvantaged citizens.

In short, the scammers are targeting a segment of the population that is anxiously awaiting the arrival of the subsidy at this time, and at the same time feel more vulnerable, due to their technical skills, to this type of scam.

Note the timing exploited by the criminals precisely 'in these hours several users are receiving a text message regarding the status of acceptance of their Single and Universal Allowance (AUU) application', from the real Inps.

The fake one instead announces, again by text message, that the cheque is blocked. Or it speaks generically about subsidies or benefits to be unblocked or confirmed. In any case, the sms includes a link that the scammers ask you to click on.

The details of the scam

It is 'smishing', writes the Inps on its social channels and website, a form of phishing, i.e. computer fraud, which instead of using email uses text messages.

"The mechanism is similar to that of phishing: attackers try to steal sensitive data by sending text messages pretending to come from the Institute. "Text messages from a fake INPS sender have been reported to the Institute in which the user is invited to click on a link in order to identify himself or update his personal or bank details, to avoid the revocation of benefits acquired, or to receive payment for a generic or specific benefit".

"In this connection, it was reported that some malicious SMS messages were sent on the subject of the Single Cheque.

Among the cases that have been repeated recently is that of a text message inviting you to identify yourself via a link in order not to lose alleged inps benefits.

These links do not lead to pages of the institute, although they use the logos and colours of the inps, 'but to pages that can deceptively steal the data entered by the unfortunate parties,' warns the institute.

"In particular, the institute has received reports of fraudulent text messages asking the user to enter their personal data and upload their front-back identity document with a 'Selfie with document in hand'.

The selfie is an evolution of the classic scam that steals user data by asking the user to enter it by hand. It also allows the victim's identity to be confirmed and offers criminals other material to steal the victim's profile or identity.

The basic objective is to obtain personal data (even secret data, such as those used to access the Inps portal) with which to then obtain benefits of various kinds. With that data, the fraudsters can try to impersonate the user - also by creating forged identity documents - for other scams, either to his detriment or against third parties. They can attempt, with further steps, to turn over to their account the cheque (or other benefits, such as a pension) paid out by Inps. In other cases, phishing or smishing in the name of Inps seeks direct monetisation: by asking to make a transfer - clearly to the criminal's account - to unlock a certain benefit to which the citizen would be entitled.

How to recognise the Inps scam

In order not to confuse genuine and correct communications from the Inps with attempted fraud, it is good, once again, to clarify.

The institute can also contact users through text messages, as we have seen, but it is important to point out that these text messages do not contain links, but solicit an action to be carried out by accessing the inps online services with one's credentials. "We reiterate that caution should be exercised with regard to messages that instead request the opening of a link; this type of message may constitute an attempt at online fraud," writes the institute.

In addition, the institute only contacts the user by telephone in cases of booking access to head office counters with telephone contact and in the case of calls from contact centre operators and from mobile counter operators for campaigns to contact citizens concerning review visits. Phone calls for other purposes, made in the name of Inps, are also scams.

A general advice is to always check one's position independently through the institute's institutional channels or by accessing the MyINPS area with one's authentication credentials. We go to these channels directly - perhaps by searching them with Google if we do not remember the address or save it as a favourite; we never get there by following links that arrive via chat, sms, social, email or other channels.