How to protect our banking accounts (phishing scams)

We are periodically assaulted by e-mail messages marked “very important” or requiring “increased attention” from some bank, including banks where we do not have and have never had accounts. In this article you will find useful tips on how to protect our bank accounts from online scams.

Most likely, you are familiar with the terms “online banking” and “internet banking”. All banks use them, and through these tools they aim to move some operations from the counter to the banks' own applications and to online banking accounts.
The truth is that it is much more convenient to check the status of a transaction, the balance of an account or the rates with the help of a mobile application or by accessing the online account. Compared with making a trip to the bank, standing in line and signing various documents, mobile and online operations are much simpler, but they also involve certain risks, especially for the gullible and for those who lack “online culture”.

I don't want to offend anyone, but there are many people who, if they know how to create a Facebook account or how to access a web page, have the impression that they are IT experts.
The worst part is that the banks' marketing policy encourages users to use online accounts and mobile banking applications, showing them how simple it is and how little time it takes to transfer money from one account to another or to pay online. Only the advantages of these tools are highlighted, and nothing is said about the risks to which inexperienced users are exposed.
The latter can be sure targets of online deception. The most common form is phishing.

What is phishing and how do we protect our bank accounts from online scams?

Phishing is a form of online crime that consists of obtaining confidential data, such as online banking access data, accounts at online payment processors (PayPal) or bank card data.

The most common method of deception is through e-mail messages that appear to be sent by banks. In these messages, we are asked to urgently access the online banking account to update various data or to make certain security changes. In reality, the link in the e-mail sends us to a fake web page, one that largely copies the bank's real web page. A less experienced user will be fooled quite easily, convinced that the message is real and that the website he entered is that of the bank where he has an account. He starts entering his personal data, first of all the username and password of the online banking account. What the user does not know is that the data does not go to the bank, but to a criminal who will use it on the bank's real website to make transactions with the deceived user's money. Simple, right? If, after the false authentication, the card data is also requested, including the name of the holder, the card number and the CVV, then the problem is even more serious. There are still cards on the market that do not have 3D Secure and can be used very easily by anyone who has the data mentioned above.

The first protective measure is increased attention when we receive such a message. Let's look carefully at the address it was sent from, look at the source of the message and, above all, check the link we click on, the link that is supposed to take us to the bank's website.

Below is a concrete example of phishing via e-mail, in which customers of OTP Bank Romania are targeted.

A message with the following content is received:

Email Phishing

The message is worded well enough to mislead someone, and the header with the OTP Bank logo adds more confidence for those who are not very good at reading a message received by e-mail.
The suspicious parts only appear when we read the top part of the message, where the “reply” address is given as “[email protected]”. It is unlikely that a bank will use an e-mail domain name that has nothing to do with the bank's name or the domain name of the bank's official website. sarvayoga.org should arouse our first suspicion that this message is not what it seems.

If we open the complete source of the message, we can identify the server from which it was sent.

Check email message header

At this point it should be very clear that this message was not sent by the bank. The identification data of the server from which the message was received does not have the slightest connection with OTP, and the message must be reported as SPAM and totally ignored. You can go even further and notify the police or inform the bank about the fraud attempt.
So, if we carefully read the “mail header”, we can protect our bank accounts from online scams.
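The header reading described above can be scripted. This is an added example, not part of the original article: the message is constructed, only the domains otpdirekt.ro and sarvayoga.org come from the page, and treating otpdirekt.ro as the single allowed bank domain is an assumption.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample, not the real e-mail from the article. Only the reply
# domain sarvayoga.org comes from the page; all other values are made up.
SAMPLE = """\
Received: from mail.sender.example (mail.sender.example [203.0.113.25])
\tby mx.recipient.example with ESMTP; Mon, 1 Jan 2018 10:00:00 +0200
From: "OTP Bank" <office@otpdirekt.ro>
Reply-To: placeholder@sarvayoga.org
Return-Path: <bounce@sender.example>
Subject: Important: update your account
To: customer@recipient.example

Please log in to confirm your data.
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def matches(domain, allowed):
    """True if domain is an allowed domain or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def check_headers(raw, allowed):
    """List the reasons the headers do not fit the claimed sender."""
    msg = message_from_string(raw)
    findings = []
    # From is trivially forged, so Reply-To and Return-Path are checked too.
    for name in ("From", "Reply-To", "Return-Path"):
        dom = domain_of(msg.get(name))
        if dom and not matches(dom, allowed):
            findings.append(f"{name} domain {dom} is not a bank domain")
    # The topmost Received header was added by our own mail server and
    # records the server that handed the message to it.
    received = msg.get_all("Received") or []
    parts = received[0].split() if received else []
    if len(parts) > 1 and parts[0] == "from":
        host = parts[1].lower()
        if not matches(host, allowed):
            findings.append(f"delivered by {host}, not a bank server")
    return findings

if __name__ == "__main__":
    # Assumption: otpdirekt.ro is the only bank domain taken from the page.
    for finding in check_headers(SAMPLE, {"otpdirekt.ro"}):
        print(finding)
```

A mismatch in the delivering server is a signal rather than proof, since a bank may send mail through a third-party provider; the Reply-To mismatch is the stronger indicator here.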

We only recommend the next step if you have a firewall and a well-configured antivirus, and IT knowledge above the average level.

I followed the link indicated in the e-mail out of pure curiosity. Knowing that there will most likely be a web page in which I will be asked for confidential data, I wanted to see the imagination of the criminals and what they were able to do.

Below is a screenshot of the web page I was redirected to from the message:

Fake Website - Phishing Scam

It is a web page identical to “otpdirekt.ro”, one of OTP's official internet banking pages; only the address at the top, the URL, does not belong to the bank. pcitaliasrl.it is a domain name on which a clone of the OTP page has been set up, and if you enter your personal data here, you will definitely end up defrauded.
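The same comparison applied to the link itself, as an added example that is not from the original article: it flags links in an HTML message whose real destination is not a bank domain, including the case where the visible text shows the bank's address. The sample HTML, its paths and the one-entry allowlist are constructed assumptions; only the two domain names come from the page.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

BANK_DOMAINS = {"otpdirekt.ro"}  # assumption: only the domain named on the page
# Constructed sample body; the paths and link texts are made up.
SAMPLE_HTML = """
<a href="https://www.otpdirekt.ro/">Official site</a>
<a href="https://pcitaliasrl.it/constructed-path/">https://www.otpdirekt.ro</a>
<a href="https://otpdirekt.ro.pcitaliasrl.it/constructed-path/">Log in</a>
"""

class LinkCollector(HTMLParser):  # collects (href, visible text) per <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):  # lower-cased host, '' if absent or malformed
    try:
        return (urlsplit(url).hostname or "").lower().rstrip(".")
    except ValueError:
        return ""

def is_bank_host(host):
    # Dot-anchored match: a substring test would accept the third sample link.
    return any(host == d or host.endswith("." + d) for d in BANK_DOMAINS)

def audit_links(html):
    """Return (href, reason) for each web link that does not lead to the bank."""
    parser = LinkCollector()
    parser.feed(html)
    suspicious = []
    for href, text in parser.links:
        host = host_of(href)
        if not host or is_bank_host(host):
            continue  # no host (mailto:, anchors) or a genuine bank link
        shown = host_of(text if "//" in text else "//" + text)
        why = f"text shows {shown}, " if is_bank_host(shown) else ""
        suspicious.append((href, f"{why}link goes to {host}"))
    return suspicious
```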

How do we distinguish between a real web page of a bank and a fake one, used for online fraud?

It is very simple. All bank web pages, and all pages that ask us for confidential data, must be accompanied by an SSL certificate.
The presence of this certificate can easily be seen in the web address bar (URL). In the example above, even if the fake page uses an SSL certificate (it has the lock in front of the web address), the certificate is not registered by OTP Bank.

The real page of the bank will display, in the address bar, a valid SSL certificate, written in green, in which the full name of the bank appears.

Website Trusted

By following these safety elements, we can very easily avoid becoming a victim of an online scam.

These phishing-type attacks especially target the big banks, which have a large number of clients and heavily promote their online services: BRD, BCR, Raiffeisen Bank, Banca Transilvania, etc.

Passionate about technology, I have been writing with pleasure on stealthsetts.com since 2006. I have a rich experience in operating systems: macOS, Windows and Linux, but also in programming languages and blogging platforms (WordPress) and for online stores (WooCommerce, Magento, PrestaShop).
