A modus operandi where the fraudster will steal the victim’s private credentials through phone, SMS or email. There are 3 common tactics used.
Email phishing uses the same method as SMS where the fraudsters send links to the victims while impersonating legitimate entities. However, these links are sent via emails and will be sent out to as many email addresses as possible.
By clicking on the link given through the email, you are led to a malicious website to fill in your private information, and/or your phone/computer will be exposed to malware and viruses that the fraudster can use to gain your personal banking credential.
Phone call phishing, also known as vishing, happens when the fraudsters call the victims and trick the victims into divulging their personal information by impersonating as authorities or experts, and claiming they are trying to help the victims.
C received a call from someone claiming from Bank XY and told C there was a $10,000 purchase made in Country J using C’s credit card. C denied the purchases but the person informed C that the payment was already approved. Panicking from the information received, C was transferred to the manager of Bank XY who told C they would try to help C recover the money.
To confirm C’s identity, C was asked to read the details of his credit card including the CVV number and was instructed to transfer all the money from his savings account into a ‘safe account’ under Bank XY. They informed C that it was for a short period and the money would later be ‘transferred’ back into C’s savings account. C was also told to not tell anyone about the incident for at least 3 days.
However, after 3 days, no information was received and the money had not been transferred back. C had fallen victim to a phone call scam.
SMS phishing, also known as smishing, is when you receive a text message claiming to be from a legitimate company or bank insisting you click on the link in the text that will lead you to a malicious website for you to provide your personal credentials or call the number given. Through this, the fraudsters will be able to obtain all of your personal information.
Even if you do not divulge your details after you click on the link provided, there are high chances you have been exposed to a malware or malicious software, which will install itself into your phone and trick you into entering your personal information and sending this data to the fraudsters.
You received an SMS claiming that a purchase had been made from your credit card. Immediately you called the bank phone number that was given in the SMS.
You were then asked for your personal credentials and were suggested to transfer all your money to a “safe account” while they conduct their investigation.
They informed you that the money would be transferred back into your account after everything was completed. They also asked you to not inform anyone and to not check your account for the next few days due to the ongoing investigation.
Contact Us immediately if you believe your banking information is compromised or there has been an unauthorised transaction on your account.