If you want to see what a scam victim looks like, look around. Various people suffer from malicious cyberspace – students, unemployed, businessmen, retirees, and higher education teachers. Scam techniques are becoming more elaborated, scammers are evolving, so we have to take an interest and protect ourselves.
Fraud is a crime aimed to designed to deceive and take away your money. You get a false impression of something that doesn't really exist.
The first step is simple – check your knowledge to avoid falling into the scamming trap.
The most common scam scheme is to extort money via
Proposing to get rich by investing
Presenting to be a bank representative, police officer or other service provider
Enticing with a desire to quickly establish a romantic relationship
Sending a phishing email with a link
Main fraud schemes used in Estonia
What is it about?
- You will be called and offered a very high-yield investment opportunity (stocks, bonds, cryptocurrency, rare metals, alternative energy, investments abroad, etc.).
- The calls are mostly in Russian (but could be in other languages) and the number usually has a foreign area code.
- The first call is usually to understand who the potential ‘customer’ is.
- The offer made to the victim is emphasized as a personal one and they are asked not to share this information. A promising investment is allowed and safety is emphasized.
- You will be contacted again later by a new person. You will be told more about the investment offer and an aggressive ‘sale’ will begin.
- You will be directed to a website that shows you how your future investments will grow over time and earn huge profits. This is a deceptive website created by scammers.
- Fraudsters may also want to gain access to a victim’s computer. For example, you may be asked to share a screen via a Skype chat.
- If you explain that you do not have the money to invest, it is common to be directed to borrow quickly.
- The goal of scammers is to make as many transfers as possible to the account they provide.
- Scammers are often denied access to their computers, and so bad guys start acting on their own. The victim is asked to download a program to their device that actually gives the fraudsters remote access.
- After the transfer, contact with you will usually end. However, you may be contacted again later. A refund will be promised, provided you make another transfer for any additional costs incurred.
- You will lose your entire ‘investment’ and the extra amounts paid!
How to protect yourself?
- As these are very aggressive ‘salespeople’, ignore the calls consistently.
- When answering the call, communicate in Estonian.
- Do not get in touch with a scammer – they are very good manipulators who can easily influence people.
- You should be doubtful of any promises of you benefitting quickly. An investment that allows for maximum returns is the riskiest.
- The investment process should be in written form and documented, not a verbal ‘agreement’ over the phone.
- Never act on the advice of a complete stranger. If you do not know the basics of investing yourself, consult a reliable specialist and take the time to understand what to do.
- Pressing for a quick decision is an obvious sign of fraud.
- Use a calculating mindset.
- If you are a victim, contact the bank and the police immediately. Tell people close to you what happened.
What is it about?
- Loan offers with ‘very good’ interest rates and other conditions are spreading on the Internet or social media.
- People often communicate in incorrect Estonian or in some foreign language.
- To get a loan, you will be asked to pay in advance under various pretexts, for example notary fees, contract fees, loan insurance, etc.
- You may also be asked for your personal information, such as bank details, address, social security number, copies of documents, etc. Your data may later be used by fraudsters for personal gain, so personal data should not be disclosed.
- You will be asked to make a payment to a foreign bank account and in the name of an individual.
How to protect yourself?
- Maintain common sense and think if the offer could be real.
- If possible, do not contact the bidders. Further communication may send you malware.
- The requirement to make a money transfer before signing loan documents is an obvious sign of fraud.
- All loan operations should be documented and signed in advance by the parties.
- If you are signing the documents related to the loan, make sure that they are valid.
- In particular, find out the background of the company or individual who makes a ‘good’ loan offer.
- If you are a victim, contact the bank and the police immediately. Tell people close to you what happened.
What is it about?
- You receive an email or message on social media from an unknown sender that you have received an inheritance or donation from a foreign country.
- Usually the message is in incorrect Estonian (translated with the help of Google) or in a foreign language (usually in English).
- The alleged magnitudes of inheritance usually amount to millions in different currencies.
- In order to receive the inheritance, the ‘heir’ must make a financial entry, seemingly to cover the costs of the inheritance (notary fees, opening and account, etc).
- The goal of scammers is to get as much money as possible, which is why many people lose all their savings.
How to protect yourself?
- Analyse how viable the possibility of a ‘inheritance’ or ‘donation’ is.
- Incorrect Estonian language is one of the main methods of detecting fraud.
- Ignore messages with this content and do not contact the sender of the message.
- If you are replying to the message, be aware that the next message might send malware to your computer.
- If you are a victim, contact the bank and the police immediately. Tell people close to you what happened.
What is it about?
- Meeting takes place online, for example via social media or a dating portal.
- The scammer creates a fake profile and pretends to be someone else. They often work in groups and have a strong background structure.
- Communication by the fraudster is built on mental aspects with the aim of building strong trust.
- Communication is very active by the fraudster. The fraudster’s goal is to quickly evoke great and deep feelings in the victim to gain control of them.
- The fraudster may ask the victim to send intimate pictures or videos of themselves for later manipulation.
- After sufficient active communication, the fraudster turns to the victim for help. The reason for requesting help may be, for example, a meeting, but it needs financial support.
- Fraudsters can also aim to obtain information from a person.
- If the victim does not give money, fraudsters often start threatening and extorting money. If the victim gives money once, repeat requests and manipulation are likely to occur.
How to protect yourself?
- Be careful when sharing personal information with new acquaintances (especially online acquaintances). This information can be used to manipulate you.
- If possible, run a background check on the person (Google). If you have any suspicions about their identity, stop communicating with them.
- Use a secure environment when communicating to prevent malware from being installed on your device.
- If you have fallen victim to fraud, contact the police immediately. If you have made transfers at the request of a fraudster, also notify the bank.
What is it about?
- It is a scam in the case of which victims are asked to pass on personal information (phishing, smishing, vishing by email, text messages, or calls) that is later used to defraud.
- In the case of a data phishing fraud, the person is usually asked to approve some urgent operation in the Internet Bank (payment confirmation, payment refund, data confirmation, etc.) and to enter usernames, passwords, or even bank card details.
- The text message or email contains a link that, when clicked, will take the victim to a page similar to the website of the bank. The logos, colour schemes, and designs are mostly similar to those used by the company.
- As a result, bank accounts are emptied, quick loans are applied for, card data is used, etc.
How to protect yourself?
- Be cautious about an email sent from an unknown address or a text message sent from an unknown number. Check the spelling and grammar – if there are errors, it is most probably a fraudulent message.
- Banks and authorities never ask their users to enter personal passwords/codes or update personal data via email, text message link, or phone call.
- Do not open emails/text messages from an unknown sender – delete them instead. Do not answer calls from unknown numbers.
- If you have any doubts about the identity of the sender of the message, contact the alleged sender of the email and ask them about the content of the email/text message. Use the contact details on the website of the company.
What is it about?
- This is a method where fraudsters send invoices of varying amounts by email.
- A company or individual receives an invoice for a service or goods that they have not ordered/purchased. The fraudster hopes that the person/company will not check the invoice and make the transfer.
- Fraudsters use bank accounts in various banks. Money transferred to banks in the Republic of Estonia is quickly transferred to foreign banks.
How to protect yourself?
- Be careful and check the content of the invoices sent to you.
- If the sender of the email is unknown, do not open the email (it may contain malware).
- If the name of an actual company (e.g. SEB) is used in the invoices, inform the company that false invoices are being sent in its name.
- Do not reply to the sender and inform the police. If you have made a transfer to the fraudster, also report the incident to the bank.
What is it about?
- The fraudsters usually target companies (mainly those that cooperate with foreign companies and make regular transfers), but also private individuals.
- The mailbox of the partner company is hacked and then used to learn information or monitor invoicing. The victim company is then notified of a change in the bank account details of the partner company at the appropriate time and an ‘invoice’ with the current account number of the fraudster is submitted.
- Sometimes, the partner company immediately submits an invoice for the service/products without information about the change of details.
- Fraudsters usually use private companies to commit fraud. However, they may also pretend to be a public authority, i.e. it seems like a public authority is submitting an invoice.
How to protect yourself?
- Verify the international bank account number (IBAN).
- If you learn about a change in the details by phone or email, be suspicious of the caller/sender. If necessary, ask specifying questions and compare the structure and content of the emails with previous ones.
- Be suspicious of changes in details and contact your business partner to confirm the updated details before making a payment.
- If you discover a fraud, report it to your management, business partner, the bank, and the police.
What is it about?
- Fraudsters thoroughly research the structure and operation of a company. They mostly obtain the necessary information from the Internet (LinkedIn, Facebook, Twitter, company websites, social media).
- The email may even be sent from the email address of an actual CEO. Often, fraudsters claim the email is sent by phone to explain the typos.
- The fraudsters ask the victim to make a transfer as soon as possible. They also claim the matter is confidential and urgent.
- Often, the victims are asked to make a payment to a bank located outside the European Union. In addition, contracts, various bank details, inside information of the company, passwords, etc. may be requested.
- They may also target employees from various departments to obtain confidential information.
How to protect yourself?
- Even if the email states that the matter is urgent, take some time to analyse the email before making a payment.
- Be especially careful and cautious about changes. If a process has changed, all parties involved are generally notified in advance.
- Be cautious of email attachments (invoices). Look for inaccuracies in the invoice and make sure the email does not contain malware.
- Inform your supervisor and the police. If you have made a transfer to the fraudster, also report the incident to the bank.
What is it about?
- Lottery frauds are committed on the Internet and social media.
- Often, fraudsters use the name of a well-known company or a name similar to it. For example, they may pretend to be a telecommunications company that is giving away an expensive mobile phone.
- They send an email or a message on social media to the victim, claiming they have won a prize even though they have not even participated in the game/campaign.
- When the victim clicks on the ad, they are asked to submit their personal data, to make a payment, to enter their bank account or bank card number, etc.
How to protect yourself?
- Be very cautious about messages claiming you have won something. Do not click on them.
- Do not disclose personal information (bank account, bank card numbers, social security number, date of birth, address, etc.) or make money transfers. If you are asked for them, it is a fraudulent message.
- Fraudsters often use these kinds of messages to gain access to the device (computer, phone) of the victim. If you click on the ad, the fraudster may be able to install malware on your device.
- Report the incident to the police and, if you have made transfers to the fraudster, also to the bank.
Important to know in case of phone fraud
- During a call, bank employees never tell customers to act quickly, never ask for their full bank card number or Internet Bank, Smart-ID, or Mobile-ID codes or to download software.
- Bank employees never contact customers on messaging applications such as WhatsApp, Viber, etc.
- Bank employees are always able to speak Estonian and know the full name and contact details of customers. When in doubt, ask verification questions from the caller or hang up and call the bank yourself (find the number on the website of the bank).
- If the customer calls the bank, they will be asked to identify themselves using a suitable personal identification device.
- In an emergency, the bank employee can block a bank card, suspend a transaction, etc. without the customer having to enter their PIN. If necessary, the customer can also block their bank card on the website of the bank.
Safe online shopping
When shopping online, pay attention to the following:
- Be cautious about the prices. Fake e-shops often have big discounts and ‘exclusive’ offers.
- To make sure the e-shop is reliable, look for feedback from other buyers. Use various sources.
- Remember that some e-shops may look like the e-shops of reputable companies.
- When shopping online, pay attention to the technical data of the e-shops: the link should not contain errors or suspicious signs and symbols.
- Make sure the link starts with ‘https:’. This proves that your data will be safe.
- Check whether the website of the e-shop contains the contact details of the merchant so that they can be contacted directly if necessary.
How to prevent fraud?
Anyone can fall victim to fraud – all it takes is for the fraudster to be in the right place at the right time. Here are some tips on how to avoid falling victim to fraud:
- Be sceptical and take the time to analyse offers, emails, and websites.
- Always do a background check on individuals and companies and do not reply to fraudsters. Avoid talking to strangers.
- Do not take a loan to invest.
- Use multi-factor authentication and protect your devices from malware.
- Avoid using the same password in different places. Change your passwords at least once a year and do not use easy passwords.
- Do not share information meant for personal use (Smart-ID codes, Mobile-ID codes, usernames, passwords, etc.).
What to do if you have fallen victim to fraud?
If you have fallen victim to fraud (you have shared your Internet Bank data, downloaded a program, or someone else is using your Internet Bank to make transfers), contact your bank as soon as possible.
Why should you notify the bank as soon as possible?
- we will prevent any further abuse of your current account
- we can cancel or dispute a transfer or a card transaction
- we will record the incident and, if necessary, monitor further account activity
What information should you provide to the bank?
- What happened and when? Briefly describe what has happened.
- Review your account statement and report any transactions that were not initiated by you.
- What personal information have you disclosed? (usernames, Internet Bank details, identification device codes, information about documents, etc.)
- Have you downloaded any programs to your device because the fraudsters asked you to? If so, which program?
Ways to contact us:
Send an email
Send us an email to info@seb.ee if the situation is not urgent and the information can be transmitted by email. For example, send us an email if you have been in contact with fraudsters but you did not share your data and no fraudulent transactions have been made with your account.
For example:
- you have received a data phishing email but you did not share any personal information
- you received a call where the caller offered an investment opportunity
- you received a call from a bank employee/police officer/Google employee or a representative of a service provider who informed you of unusual transactions on your account.
Call customer support
Call us at 665 5100 if the situation is urgent, i.e. you have shared your personal information (codes) with fraudsters, fraudsters have accessed your Internet Bank, transfers/card transactions have been made, you have downloaded a program recommended by fraudsters, etc.
Contact virtual advisor
Contact our virtual advisor if you have general questions. Write your question/keyword in the chat and the robot will give you basic instructions on how to proceed.