Phishing, smishing and vishing
Phishing (via email), smishing (via sms on the phone) and vishing (via telephone communication) are
the main methods used for scams targeting bank customers. The main feature of each of them is the
way that in each case the fraudster approaches his prospective victim. Fraudulent emails (Phishing)
The term "phishing" refers to fraudulent emails, which are intended to deceive their recipients and to
disclose to the fraudsters their personal and financial information or security codes.
How does it work?
The scammer approaches his prospective victim by sending him a misleading
email. These emails:-
They may look very much like the messages that banks send to their customers.
- Copy the logo, features and style of
real emails.
- They ask you to download to your device an attached file or click on an
electronic link.
- They make use of terminology that gives a sense of
urgency.
What can you do?
- Keep the software up to date, including the browser, antivirus and operating system.
- Be especially careful if a "bank" email asks you for sensitive information (e.g. your bank account
password via internet banking).
-
- Check the email carefully: compare the address with the previous actual messages from your affiliate
bank.
- Check for spelling mistakes and grammar or syntax errors.
- Do not reply to a suspicious email, instead forward it to the bank you are working with, by typing its
email address yourself.
- Do not directly click on the link and do not download the attached file, instead type the address of
the electronic link in the browser you use.
- In case of any doubt, check the website or call your bank.
Cybercriminals rely on the fact that people are busy and hasty. This, combined with the fact that
fraudulent emails seem to be legitimate, maximizes the risk of falling victim.
Take special care when using a mobile device. It may be more difficult to spot an attempt at phishing
from your mobile phone or tablet.
Fraudulent phone calls (vishing) The term "Vishing" (a combination of the words "Voice" and
"Phishing") is a scam over the phone, which aims to deceive the victim in order to reveal his personal
and financial information or security codes or even to transfer money to the scammers.
What can you do?
- Be careful with unannounced and unannounced phone calls.
- Keep the phone number from which they have called you and inform them that you will return the
phone call to them.
- To verify their identity, look for the phone number of the business and contact them directly.
- Do not verify the person who is calling you with the phone number they gave you (it may be a fake or
falsified number).
- Scammers can find your basic contact information online (e.g. from social media). Do not assume that
the person who is calling you declares his true status because he has such information at his disposal.
- Do not provide the "PIN" code of your credit or debit card or the password of your bank account via
e-banking. The bank you work with will never ask for such information.
- Do not transfer money to another bank account at their request. Your bank will never ask you to take
such action.
- If you think it is an illusory phone call, report it to your bank.
Fraudulent sms messages (Smishing)
The term "smishing" (a combination of the words "SMS" and "Phishing") refers to the attempt of
fraudsters to obtain personal and financial information or security codes through SMS messages.
How does it work?
The text message will usually ask you to click on a link or call a phone number in order to verify,
update or reactivate your account. But... the electronic link leads to a fake website, and the phone
number leads to the fraudster who claims to represent the legitimate business;
What can you do?
- Do not click on links, attached files or images you receive with text messages (sms) without having
verified the sender.
- Do not rush. Take your time and carry out the necessary checks before responding.
- Never reply to a text message (sms) asking you for the "PIN" code or password ("password") in your
bank account or any other personalized security credentials (e.g. e-banking user name).
- If you think you may have replied to an illusory text message (sms) and provided your bank
account details, please contact your bank immediately.
