In recent weeks, a wave of phishing and smishing campaigns (phishing via SMS) that impersonate the General Directorate of Traffic (DGT) has once again been detected, with the purpose of stealing personal and banking data from unsuspecting citizens. Authorities and cybersecurity experts warn that cybercriminals are refining their methods and increasing the frequency of these frauds, affecting thousands of users across Spain.

How do DGT phishing scams operate?

The modus operandi is based on the mass sending of emails or SMS messages that pretend to come from the DGT. They usually report an alleged pending fine, an urgent file or the expiration of a document, asking the user to click on a link to settle the debt or update data. These messages usually generate a sense of urgency and redirect to fake websites that imitate in an almost identical way the official website of the agency, where they ask to enter personal and banking data.

The DGT insists: it never sends fines or payment procedures by SMS or email. Official notifications are made only by post or through the Electronic Road Address.

The rise of phishing through the DGT

In 2025, the DGT has already requested the removal of 195 detected fraudulent pages; in the last five years, these impersonation attempts exceed 830 documented cases. The campaigns reach thousands of potential victims, and in 2022 alone, nearly 374,000 incidents of data and money theft were reported using the DGT image. Cybercrime adopts structures of real companies, with operational teams, departments and a capacity to adapt much greater than that of the administration.

What to do if you receive a notice from the DGT and how to protect yourself

  • Remember: the DGT never notifies fines or requests payments via Email/SMS or direct links.
  • Don't click on any suspicious links or provide your details through these channels.
  • Always check the sender's authenticity and check the URLs — small differences, such as “dgt-gob.es” instead of “dgt.gob.es”, are key to detecting fraud.
  • If you have entered data on a fraudulent page, immediately contact your bank, save all the evidence and report the incident

Do you want to keep your company and employees safe from phishing campaigns such as those of the DGT?

🛡️ At Apolo Cybersecurity, we offer training, attack simulations and advanced auditing to anticipate digital fraud and protect your organization and your customers.

Prev Post
Next Post

Any questions?
We're happy to help!

CONTACT US TODAY!
info@apolocybersecurity.com
Data Controller: Apolo Analytics SL
Purpose: To process your request and respond to your message.
Legal Basis: Consent of the interested party upon submitting the form.
Recipients: Data will not be transferred to third parties, except under legal obligation.
Rights: You may exercise your rights of access, rectification, and deletion, among others, by sending an email to secretaria@apolocybersecurity.Com.
Additionall information: You can view the full information on our Privacy Policy.

Thank you!

Your message has been successfully received.
Oops! Something went wrong when submitting the form.
We are waiting for you!
Schedule a call
Project photo
send us an email
Project photo
+34 937948378
Project photo
Carrer de Sant Joan de la Salle 42, Barcelona, spain
Project photo
FAQScontactTERMS AND CONDITIONSWork with Us
Accelerated by:
Certifications:
Light Eyes is part of Apolo Cybersecurity
LEGAL NOTICEPRIVACY POLICYCookies
Privacy Settings
Copyright © 2025 Apollo Cybersecurity