During this month, at least two fraudulent sites have been identified in Mexico aimed at collecting confidential information from Telmex and Megacable customers. These deceptive sites seek to obtain banking and personal data illegitimately under the guise of processing valid payments, posing as the official platforms of both telecommunications companies.
Nicolás Azuara, a cybersecurity analyst, explained that these pages are specifically designed to be viewed on mobile devices, blocking access from desktop computers to avoid easy detection. This strategy allows cybercriminals to operate with greater discretion, prolonging the lifespan of the fraudulent sites and complicating the intervention of the affected companies.
One common tactic used by criminals is to send mass SMS messages impersonating Telmex and Megacable, directing users to sites that mimic the original platforms. Once on these fake sites, users are asked for sensitive information, such as their banking card details, which are then captured by scammers to carry out unauthorized transactions.
In response to this situation, companies like Telmex have implemented security measures and warned their users about these fraudulent practices. They recommend avoiding clicking on suspicious links, not providing personal or financial information in dubious emails, and manually typing the URLs into the browser instead of following links provided in emails.
The fraudulent sites, registro-megacable and pago-telmexico, were recently discovered and designed with advanced techniques to avoid detailed identification and dismantlement, making it challenging for cybersecurity experts and authorities. These sites are constantly updated and monitor page activity to avoid detection.
