There has been a recent rise in cyber fraud. In a few cases it has been reported that experts approach the public in order to steal their bank details.
The most common methods used by criminals in their attempt to gain access to banking data or personal data of citizens are sending emails, SMS and phone calls. The experts appear as bank representatives and ask the public to give their codes and details.
This type of deception is called social engineering and is divided into three main categories:
Smishing : Scams via SMS
The term smishing refers to the attempt to intercept personal information via SMS messages.
The text message copies the terminology used by banks in their communications and asks users to click on malicious links that lead to websites that are very similar to the Bank's website or to call a phone number to verify or update their data.
As soon as the experts have access to the personal data of the customers then they can do any transaction through online banking, including the transfer of money from accounts.
A common tactic used by criminals in this type of scam is ID spoofing. In this way, criminals cover their phone number so that it appears that the message or call comes from a legitimate phone number.
Phishing : Scams via email
The term phishing refers to the use of electronic communications for the purpose of intercepting citizens' personal data or installing malicious systems on their computers.
The perpetrators send emails, copying the standard design of the messages sent by the banks and directing users to click on links or attachments, which then ask them to provide their personal information and passwords.
Malicious links lead to websites, which are also exact copies of banks' websites. From there, through the theft of personal data and passwords, criminals can access customers' online banking.
Vishing: Frauds by telephone calls
The third and most common method used by fraudsters is vishing, a combination of the words “voice” and “phishing.”
Through this method, fraudsters call citizens, pretending to be bank employees, and try to extract their personal information.
Here, too, ID spoofing is used so that criminals can cover the number from which they are calling.
How can I protect myself from cyber fraud?
The first thing every citizen should know is that banks will never ask for card codes or passwords for your online banking via phone calls, SMS or emails. Therefore, if you receive such a request, contact your bank immediately. Before proceeding, check the email address from which you received the email and compare it with previous actual communications you have had with your bank. You can also check the link to which the email leads by first copying-pasting in your browser (Chrome, Firefox), instead of clicking on it directly. Malicious links will be slightly different from the addresses of real banks' websites. For example, a malicious copy of Facebook.com may be Fac3book.com. Possible spelling or syntax errors are a strong indication that the message was not written by a professional. Search the internet for the number from which you receive the call (if it is not covered) and see if it matches your bank numbers. Scammers can find your basic contact information online. If the person contacting you is aware of any of your information, do not immediately assume that they are an employee of your bank. Do not open email links, files, or images you receive by SMS until you have verified the sender. If you can not verify the authenticity of the message, contact your bank.
