SMS Scam sa Spain: Paano Makilala ang mga Pekeng Mensahe mula sa Correos, Bangko at Tax Agency
SMS scams in Spain impersonate Correos, banks, Agencia Tributaria, and utility companies. Learn to identify and report smishing attacks.

SMS Scam sa Spain: Paano Makilala ang mga Pekeng Mensahe mula sa Correos, Bangko at Tax Agency
SMS scams -- known as smishing -- have become one of the most pervasive forms of fraud in Spain. Beyond the well-known fake Correos delivery messages, scammers are now impersonating banks (Santander, BBVA), the Agencia Tributaria (tax agency), utility companies, and courier services like MRW and SEUR.
The Expanding Smishing Landscape
| Impersonated Entity | Typical Message | Goal |
|---|---|---|
| Correos | "Your package could not be delivered. Pay customs: [link]" | Credit card theft |
| Santander/BBVA | "Unauthorized access detected. Verify: [link]" | Banking credentials |
| Agencia Tributaria | "You have a pending tax refund. Claim here: [link]" | Identity/financial theft |
| MRW/SEUR | "Delivery rescheduled. Confirm address: [link]" | Personal data theft |
| Electric/gas company | "Overpayment detected. Request refund: [link]" | Credit card theft |
| DGT (traffic) | "Unpaid fine. Pay within 24h: [link]" | Financial theft |
How Smishing Works
The Technical Side
Scammers use SMS spoofing services that can:
- Display any sender name (e.g., "BBVA", "Correos")
- Insert fake messages into legitimate conversation threads
- Send millions of messages simultaneously at low cost
- Target specific geographic regions
The Psychological Side
Every smishing message relies on:
- Urgency: "24 hours to respond" or "your account will be closed"
- Authority: Impersonating trusted institutions
- Small amounts: Asking for 1-3 EUR does not trigger suspicion
- Fear: Warnings about unauthorized access or unpaid fines
New Vectors in 2025-2026
Fake Agencia Tributaria Messages
Tax season brings a wave of fake tax agency SMS:
- "Your income tax refund of 278.50 EUR is ready. Claim: [link]"
- "Error in your tax declaration. Correct immediately: [link]"
The real Agencia Tributaria never sends refund links via SMS.
Utility Company Phishing
Fake messages from electricity (Iberdrola, Endesa) and gas companies:
- "Overpayment on your last bill. Claim refund: [link]"
- "Service interruption scheduled. Update payment method: [link]"
Courier Service Expansion
Beyond Correos, scammers now impersonate:
- MRW
- SEUR
- GLS
- Amazon Logistics
How to Identify Smishing
Universal Red Flags
- Contains a link: Legitimate organizations rarely send links via SMS
- Asks for payment: No real company asks for payment via SMS link
- Creates urgency: "Act within 24 hours" or "immediate action required"
- Generic greeting: "Dear customer" instead of your name
- Suspicious URL: Not the official domain of the company
How to Verify
- Open the company's official app or website directly (never via the SMS link)
- Call the company using the number on their official website
- Check your account status through official channels
Reporting Smishing
| Step | Action | Contact |
|---|---|---|
| 1 | Do not click any link | Delete the message |
| 2 | Report to INCIBE | Call 017 (free) |
| 3 | Report to Policia Nacional | If financial loss occurred |
| 4 | Forward to your carrier | Some carriers accept spam reports |
| 5 | Alert the impersonated company | Through their official channels |
Protect Your Information
Never share personal or financial information through SMS. For secure sharing of sensitive data with trusted contacts, use LOCK.PUB to create password-protected, auto-expiring links instead of sending information through Messenger or SMS -- the very channels that scammers exploit.
Stay Safe
Smishing in Spain continues to evolve with new impersonation targets and increasingly convincing messages. The golden rule remains: never click links in SMS messages, and always verify through official channels. Report suspicious messages to INCIBE at 017 -- your report helps protect others.
LOCK.PUB provides a secure alternative for sharing sensitive information without relying on SMS or unencrypted messaging apps.
Mga keyword
Baka magustuhan mo rin
16 Bilyong Password ang Tumagas: Paano Suriin kung Apektado Ka
Ang pinakamalaking password leak sa kasaysayan ay naglantad ng 16 bilyong credentials. Alamin kung paano suriin kung ang iyong mga account ay nakompromiso at ano ang gagawin.
Pagtagas ng Data sa AI Chatbot: Ano ang Nangyayari Kapag Nag-paste ka ng Sensitibong Info sa ChatGPT
Safe ba ang ChatGPT para sa sensitibong data? Alamin ang tunay na privacy risks ng AI chatbots, mga kamakailang data breach, at paano protektahan ang iyong kumpidensyal na impormasyon.
AI Voice Cloning Scam: Paano Ginagaya ng mga Kriminal ang Boses ng Pamilya Mo para Magnakaw ng Pera
Gumagamit ang mga scammer ng AI para i-clone ang mga boses at magpanggap na miyembro ng pamilya na nasa peligro. Alamin kung paano gumagana ang mga scam na ito at paano protektahan ang sarili at mga mahal sa buhay.
Gumawa ng iyong password-protected na link ngayon
Gumawa ng mga password-protected na link, lihim na memo, at naka-encrypt na chat nang libre.
Magsimula nang Libre