How to protect yourself from SMS fraud?
In recent weeks, phishing scams via SMS have become active. A text message arrives on your phone, saying that there is a problem with your bank account and asking you to click on the link in the text. This redirects you to a page very similar in appearance to the bank’s website, where it seems you have to authenticate yourself. If the client fills in the required fields and confirms the operation with the PIN1 code, they essentially allow the defrauder to freely dispose of the client’s money. How to recognise these instances of fraud and protect yourself from them, tells Kätlin Kukk, Head of Security at SEB Security Centre.
A phishing SMS (smishing) always contains a problem that requires urgent intervention, and the essence of the problem does not really matter here, as fraudsters very often change its content. What is typical, however, is the wish to create a stressful situation – for example, all the money will disappear from your account if you do not click on the link.
In reality, clicking on the link does not remedy the situation; instead, it could redirect you to an Internet bank login page made by the fraudsters, which is confusingly similar to the original. Usually, the fraudsters have simulated the logo, colours and design, and it is very difficult to notice the difference compared to the genuine page.
If you hastily enter your user ID and PIN1 code on this page, then a loading wheel starts spinning on the page, as if the data were being processed and it will take some time, while the actual goal is to keep the victim waiting.
At the same time, the information entered is immediately sent from the page to the fraudsters. They can now use the victim’s data to enter the mobile app or Internet bank of the actual bank and do as they please there.
How to protect yourself?
• Do not rush to click on links or download files.
• Check whether the message is correct or contains errors in spelling or logic.
• Take the time to delve deeper into who sent the letter or message.
• If you are asked for passwords, be extra careful, because the bank will never ask you to disclose detailed data or passwords by e-mail or text message.
• Delete an e-mail or SMS sent by someone unknown to you.
• If you suspect that fraud may be involved, you should check the information sent either by logging in to the Internet Bank securely through the website or by contacting the bank by phone. This way, you can also clarify whether it may have been fraud.
Since text messages also reach the mobile phones of children and the elderly, it is important to talk about fraud with your loved ones in order to raise awareness and keep them from becoming victims of fraud.
‘Measure twice, cut once’ is the proverb that best applies to dealing with fraud.
Additional information:
Katre Kärner
Communications Manager
Business client area
SEB Bank
Phone +372-5560-9962
Tornimäe 2, 15010 Tallinn
katre.karner@seb.ee
www.seb.ee