We can’t overemphasise the importance of being careful when shopping and authorising payments online. It’s just as important to not react impulsively to messages received through various digital channels, such as by responding to information in text messages.
In the past few days and weeks, we’ve registered several instances of cyberfraud of various shapes and sizes. Fraud based on the shipment of goods and products to Iceland are common at this time of year and the would-be criminals try various tactics.
- Our customer received a DM through Messenger from a Facebook friend, requesting his phone number. He then got another DM from the friend, an offer to participate in a Facebook game that required him to send a code texted to his phone. The “friend” was in fact a fraudster who had hacked into and taken over the real friend’s Messenger account. The code texted to his phone was a security code for logging in to online banking with electronic ID. Since the fraudster had gained access to both the customer’s phone number and the code for his electronic ID, he could access online banking.
- Another customer responded to an ad for cryptocurrency on social media. She was then contacted by a fraudster through WhatsApp. The customer let the fraudster access her computer using Anydesk and the fraudster used the access to make an international transfer from the customer’s account to the cryptocurrency exchange platform Coinbase. Her credit card was also used to transfer funds to Coinbase.
- One of our colleagues here at the Bank received an email from a customer with an order to execute a high cross-border transfer in euros. The employee followed the Bank’s procedures and contacted the customer. It transpired that the customer’s email account had been hacked and that this was an attempt to defraud the customer of funds.
- There have been several cases of customers opening a link texted to their phones, purporting to contain payment information for a shipment received. The messages were designed to look like they came from shipping companies but were in fact fraud attempts. Customers were asked to enter their credit card information and to confirm payment by entering a security code.
- We were able to intercept two international transfers from customer accounts to overseas cryptocurrency exchange platforms. Both were attempts at investor fraud.
- Our customer received a call from an “international lawyer” who offered her assistance to invest in cryptocurrency. The customer allowed the fraudster to access his computer and she then transferred funds to a domestic cryptocurrency exchange platform. Our customer became suspicious a short while later and contacted us. Due to the customer’s quick response, and equally prompt action on our end and by the exchange platform, the funds were recovered.
It’s important to stay informed in order to know the pitfalls. Please spread the word to friends and family!