The State Police, following the complaints of two citizens of Palermo who had undergone withdrawals from their bank account at ATM, without ever having given their ATM card to third parties, identified and seized a phishing web page that replied the Internet Banking site of a well-known credit institution, created by fraudsters in order to obtain the credentials for access by the bank's current customers.
The investigations, coordinated by the Prosecutor of the Republic of Palermo, were carried out by the policemen of the Postal Police and Communications Department of Palermo who acquired the first investigative data and developed the related investigations.
Fraudsters have made withdrawals in fraud with the cardless mode, a service that allows you to make cash withdrawals from automatic fast cash machines in Italy without using the ATM card, but only with your smartphone. To obtain what is necessary for the fraud, the scammers pretended to be bank operators and sent an SMS to the two account holders containing the link to a clone website of the original Internet Banking, a phishing web page which requested the insertion of credentials. and the pin connected to the account, which were therefore stolen. Subsequently, the scammers installed the Credit Institute app on their smartphones, connected it to the victims' accounts and activated the so-called O-key Smart, or the cardless withdrawal service. At that point, they made four different withdrawals for each checking account, before the account holders realized they had been scammed. All this has been made possible thanks to further scams that the scammers have made by communicating by telephone with the victims and causing them to forward the bank's security codes that reached their telephone users.
After the first IT checks concerning the hosting of the scam site, in agreement with the Postal Police Service of the Ministry of the Interior, the staff of the investigative area to contrast the Cyber Crime of the Palermo Postal Police carried out a preventive seizure decree emergency and therefore the obscuring of the phishing site, issued by the Public Prosecutor of Palermo. The seizure was later validated by the Preliminary Investigation Judge of the Court of Palermo.
Today the website used for phishing is no longer online, but it is not excluded that the scammers could create other web pages to continue their illegal activity.
The IT investigations conducted by the Postal Police, therefore, are now aimed at identifying those responsible for fraud, for the prevention of which it is advisable to always be wary of telephone and computer communications in which the sharing of sensitive data that is relevant to one's sphere is requested personal and economic.