In recent years, dozens of savings banks have been absorbed and integrated into large banking concentrations. Unicaja Banco, the result of the merger of Caja España and Caja Duero, succeeded all users of Liberbank (created after the merger of Cajastur-Banco CCM with the savings banks of Cantabria and Extremadura) and He is currently responsible for thousands of customers who do not know what to do in the face of an unstoppable scam.

And if so many fusions are already hard to keep track of, imagine the confusion some users have been feeling lately, behind one of the most elaborate scams we’ve ever seen. Yes, I am one of those victims.. All the captures you can see below are personal.

Messaging app confuses real sender with impersonator

To understand the danger of this scam, it is necessary to understand how 2FA or two-factor authentication works, which is an authentication process that requires a second verification step to perform any transaction, whether it’s a wire transfer or a card block.

Banking applications use this computing tool to enhance the security and privacy of our profiles and accounts, whether unlocking with a one-time PIN, biometric, password or similar. However, it doesn’t always work as it should.

As reported via El Confidencial, Unicaja users are surrounded by phishing and other forms of scams. Reason? How well executed is this scam. so much that messaging apps do not distinguish scam messages originally sent by Unicaja from real ones.

Actually, since I get such totally unknown messages, I decided to block the sender by calling it SPAM. Of course, by doing this, the messaging system no longer gives warnings every time the official Unicaja app sends me a confirmation code to process something.

The problem arose this week when I had to transfer to approve one of my daughters’ college residency application. No matter how hard I try to digitally sign the transfer, One time code not received. Of course, the ‘Messages’ app, which sent the sender to the SPAM suspects folder, realized that it no longer wanted to know anything about Unicaja.

My conversation with the customer service department also didn’t fully explain to me how to proceed. While there are alternative unlocking and verification methods, none are as useful as a One Time PIN. Very good, I started unlocking Unicaja. In doing so, the messages came with a more sinister look: “Your account has been temporarily blocked for security reasons”. What had he done wrong?

This message is just one of many messages sent to click and click the link. Accusations I do not know, same senders, slightly different addresses from the official address… If you ignore this, there is nothing to fear a priori. But, What happens if you accidentally press it?

Well, a ‘call fraud’ system or phone makeover will let you know: Multiple attempts to access your bank account or the application has been stopped but To completely stop and prevent this intrusion, it is necessary to provide Unicaja website access codes.. A priori, it also seems like a fairly consistent move.

The truth is, if we give them the keys, they’ll have full access to our accounts, cards, and other services to spend until we’re broke. It’s a pretty ingenious move that you need to be particularly careful with.