How (and to whom) to report Internet fraud and SMS scams such as WhatsApp, FedEx or Correos



According to the latest Digital Citizenship Index produced by Microsoft, the most common cyber attack in Spain, suffered by 44% of surveyed users, are hoaxes, scams and frauds on the Internet. And in our country we seem to have a particular problem with this kind of attack, since this percentage is 13 points higher than the world average (31%).



Without going further, Since the beginning of this year we have echoed several relevant scams and frauds that involved the use of technological tools: from the FedEx SMS scam or the Correos scam (both directed against Android users), to the campaign to steal WhatsApp accounts unveiled yesterday.



If on any occasion you end up being part of this statistic, it is important that you collect all the relevant information that you can provide (links, downloaded files, etc.) and that make it known to the relevant official bodies. We explain how:



The National Police



The National Police has a Virtual Complaints Office that we can use to file a complaint electronically (although it is not used to report any crime: read carefully the requirements on the web).







It's 2020, but avoiding many phishing scams is still as simple as reading carefully





Besides, his Central Brigade for Technological Research puts at our disposal several forms in which we can report criminal acts related to the technological field, including various kinds of fraud.



The civil Guard



The Civil Guard has a Telematic Crimes Group. As explained on their website, a complaint itself requires "the appearance of the complainant or his legal representative, in a court or police center."



But if what we are looking for is not to file a complaint, but to send the armed institute information about any possible cyber fraud that is being carried out, we can resort to your anonymous citizen information form on this website.



The National Institute of Cybersecurity (INCIBE)



INCIBE maintains the 017, a free phone line for help in cybersecurity matters, which we can call from 9:00 a.m. to 9:00 p.m. every day of the year (including weekends and holidays).




Incibe



If instead of calling by phone we prefer to send our inquiry in writing, we have the option of using three forms:



a) Form for the citizen in general. Among the types of consultation available, we will find one listed as "Fraud Cases".



b) Form for companies: There is no reference to fraud in the available list, we can use "Security problems" or "Others", as the case may be.



c) Form for minors (or for cases related to minors), is part of the 'Safe Internet For Kids' initiative. It is not just for cyber attacks and fraud: cases related to cyberbullying, sexting or contact with dangerous cyber communities are also answered here.







The biggest weak point of your security is you: this is how they can attack you with social engineering





But the INCIBE still provides another channel to report fraud: the mailbox of your Security Incident Response Center. Thus, writing to incidencias@incibe-cert.es,




"You will be able to report the cases of fraud that you detect: phishing emails, fraudulent online stores, websites that host malware, etc."




The Spanish Data Protection Agency (AEPD)



If the fraud to which you have been exposed is also a infringement of data protection regulations that affects the processing of your personal data, you can file a claim by resorting to the AEPD Electronic Office and provide the evidence or indications that you have.



As they warn, "the processing is more agile in cases where more evidence or indications are provided along with the complaint."