Wednesday, December 7

Unicaja and Liberbank clients who are victims of phishing: “They robbed me, I can’t do anything and they still blame me”

“My legs started shaking and I started crying.” That was the immediate reaction of Guadalupe, 66, after realizing last June that 10,000 euros had been stolen from her through phishing, a term that in a short time went from being practically unknown to starring in press headlines and alerts against the fraud involved.

Problems due to computer migration between Liberbank and Unicaja affect 200,000 customers in Cantabria

Know more

Guadalupe is one of the more than 400 people who have been scammed in Cantabria as a result of the merger between Unicaja and Liberbank that took place in June. Since then and until now, those affected calculate that the amount of what they have stolen amounts to three million euros, but the bank ignores and denies security flaws in its platform.

“They have robbed me, I can’t do anything and they still blame me,” Alicia expresses angrily in a conversation with this newspaper. This 47-year-old woman is another victim of a scrupulous method designed to steal by impersonating the identity of, in this case, her bank. The ‘modus operandi’ has been the same in all cases: “The fraudsters take advantage of the vulnerabilities that occur during the bank merger to extract usernames and passwords from customers and clone the telephone numbers of the entity,” explains Juanma Brun, lawyer of some of the victims.

Users receive an SMS and a call supposedly from Unicaja alerting them that someone wants to swindle them through a bank transfer and they ask for a code that reaches their mobile in order to cancel it. The reality is that despite the fact that the telephone number is that of the entity, the fraud is being carried out by the caller and the code is not used to cancel the transfer but rather to authorize it.

“They were looking at my account because they were telling me the last movements I had made,” says Alicia, who had 7,000 euros stolen in August. “It’s a perfect scam and politicians, policemen, judges and many people who are keeping quiet out of shame have fallen,” she stresses. When she provided the code, the scammer assured her that the transfer was already canceled and that she should not worry about it, but she kept seeing it in her online banking and could not cancel it.

So she decided to call the same number again, and from Unicaja, this time the real bank employee, told her that they had not spoken to her and that she had been scammed. “I told him: ‘How come I’ve been swindled out of 7,000 euros? If you have called me, it is the same number…’, and he told me: ‘No, we haven’t called you, the scammers even impersonate the telephone line, and I said: ‘Ah, okay, then no it’s my problem, it wasn’t my fault’”, says Alicia.

However, Unicaja insists that the fault is his for providing the code. “I cried and told him that it couldn’t be that he was telling me that, and he was close to calling me a fool,” she laments. “I’m not a fortune teller, if the phone tells me it’s Unicaja, I think it’s Unicaja, and if it reads my bank records, why would I think it’s someone else?” She expresses indignantly.

“I am retired and had little money”

The case of Guadalupe is very similar, with the aggravating circumstance that her economic situation is delicate because, due to her retired status, she receives a pension of 950 euros. “I had little money in the bank, and for me 10,000 euros is a lot,” she says. In addition, Guadalupe claims that she is not used to using mobile phones and online banking, to which we must add that she lives in a small municipality in Cantabria, almost 10 kilometers from her closest bank branch, that of San Vicente de la Barquera, where he has had to go repeatedly to claim his money without success.

Like yours, there are truly dramatic situations: “There are people who have had money stolen from a loan they had requested and are now paying the loan and do not have the money, and a couple who had a balance of 8,700 euros in their account They have taken 9,000 from him, leaving him in the red. These are some examples that Alicia gives and that she knows of the platform of those affected created in Cantabria to join forces and try to get Unicaja to return what they have been defrauded of.

Before going to court, which can take a long time, they hope to reach an agreement with the bank, for which they have requested help from different political leaders, including the president, Miguel Ángel Revilla (PRC), who has agreed to mediate.

“We have a little bit of hope in it because it puts pressure on the owners of Unicaja”, highlights Guadalupe. According to Alicia, the president of the entity has proposed to Revilla to carry out an individualized negotiation with each affected person. However, according to her, Unicaja has not responded to the claims filed in June when by law they have 15 days or two months in exceptional situations. “If they don’t answer our claims, how are we going to trust them to negotiate?” She remarks.

merger problems

The merger of Unicaja and Liberbank was tremendously eventful for users. During the computer migration process, there were massive outages of online tools and ATMs, which resulted in long queues at branches to carry out procedures and try to get answers about what happened. has contacted Unicaja to collect its version. From this bank they excuse themselves in that the entity “never asks the client by phone, SMS or email for the access codes to digital banking, so in the event of the slightest suspicion, data should never be provided.” It also makes a series of recommendations:

“You should not click on attached links sent by SMS or email, nor should you provide bank details or phone numbers through any suspicious format. In the case of messages with attached links, you should never click on them, but you should delete the messages. In the case of a call, you must hang up and contact the bank directly. It is also advisable to keep the antivirus updated, since it can be useful to stop cybercriminals in cases of malware”, they explain from the entity.

Likewise, they also affect the responsibility of the user to avoid this type of fraud and remind that “care must be taken when downloading and opening attachments on the computer” and “it is convenient to check the source and scan them with an antivirus before executing them”, they remark from Unicaja, which also defends that it does not provide customer data or information and that “it periodically and generally carries out alert and awareness work by publishing information regarding new forms of online fraud.”