Cyber threats dominate headlines, and a young Galician woman named Aida Lorenzo shares her ordeal to warn others about mobile-based phishing. She describes a run of events that left her with almost nothing. A new kind of scam uses smartphones as attack platforms, where criminals aim to steal personal information such as bank details and social security numbers. In Aida’s case, a single text message received on September 23 led hackers to siphon 8,000 euros from her Banco Santander account.
“I got an SMS that looked like a message from Santander,” Aida recalls. “It claimed there was a 528 euro fee on my account and provided a link to confirm a purchase.” The link redirected to a page that resembled Santander’s online banking portal, prompting her to enter her access data. “It was identical,” she notes. When the password was entered and the page froze, suspicion grew and she contacted the bank immediately.
“They took 7,000 euros in ten minutes,” she later said. The attackers moved 7,000 euros between two of her accounts, then made card purchases totaling 1,400, 1,700, 1,700 and 1,200 euros through Revolut, a neobank. Aida points out that her card’s daily limit was 1,200 euros, yet she insists everything happened with her permission and without any verification message.
To make matters worse, 2,000 euros were withheld from a joint bank account opened with her partner. “The money was taken as a loan via a card we never requested, even though the bank seemed to think we had a solid banking history,” explains the resident of A Cañiza. She questions whether a young couple with modest income should be treated as if they have a strong financial track record.
Two thousand euros more
At the time, Aida lived in Madrid. After realizing she had fallen for a scam, she travelled back to Galicia to report the incident. She went to the Banco Santander branch in A Cañiza on a Monday morning after returning on Saturday. Unfortunately, the local branch could not stop the transfer of the 2,000 euro loan. To pursue recourse, she visited the Puxeiros branch in Mos and later filed a report with the Ponteareas Civil Guard at the police station, asserting a case of online fraud or a fraudulent transfer conducted through computer manipulation.
Aida’s experience is not an isolated case. National authorities have warned about the widespread use of this tactic, where scammers impersonate banks in order to gain access to accounts. The encounter left her with only 1,000 euros remaining and facing the challenge of recovering funds. “I will need to allocate the remaining money to hire a lawyer to help reclaim what was lost,” she laments, underscoring the emotional and financial toll of this type of cybercrime.