Banks in Romania have come to constantly warn their customers about various cyber frauds that appear daily and which are, most of the time, blocked. Recently, ING, BRD, BCR and UniCredit have released warning messages, solutions and advice aimed at helping customers face the many dangers.
Today, ING returns with other warnings and figures. According to the bank, the number of smishing attacks in Romania increased more than six times in 2023 compared to the previous year, according to an internal analysis carried out by sendSMS. In the first months of this year, 75% of smishing cases attempted identity theft by using a custom tag (sender’s name) to mislead users that messages are sent by different companies.
Globally, 39% of consumers will experience at least one SMS scam attempt in 2023, according to a study by the Mobile Ecosystem Forum (MEF), the telecommunications industry trade association.
Smishing fraud targets the banking, courier and telecommunications industries
Smishing attacks are similar to phishing attacks, but use SMS messages to trick potential victims. In most cases, users have to click on a link and end up on a fake website, created specifically to steal confidential details (such as card or banking app login details). In other cases, users are asked to install malware on their mobile devices.
Alin Becheanu: Most frequently, clients are manipulated into willingly giving their card or user data, password and OTP codes
“To prevent and block fraud attempts, in addition to internal actions and functionalities in Home’Bank, we constantly collaborate with the authorities and with different providers, such as the sendSMS company. Most frequently, customers are manipulated into willingly giving their card or user data, password and OTP (one time password) codes, after receiving alarming messages or promising them impressive earnings.
sendSMS filters smishing attacks daily and alerts ING to block fraudulent messages before they are sent on behalf of the bank. We enjoy this collaboration, which further helps us to be proactive and protect our customers’ data.
We continue to innovate to prevent fraud, and this year we launched the geolocation solution, which can block transactions initiated from other geographies. The option can be activated very simply, from Home’Bank, the Security and login menu”, says Alin Becheanu, Head of Fraud Monitoring and Prevention, ING Bank Romania.
Banks are the most targeted companies
According to sendSMS analyzes from the last three years, most smishing fraud in Romania targets the banking sector (56%), the courier industry (25%) and telecommunications services (15%).
Over 2600 smishing attacks, in 2023, 94% were blocked
“sendSMS has developed a powerful anti-smishing system to automatically filter malicious content and block it before it reaches the networks of telephone operators. In addition, as an additional security measure, certain operations are performed manually by cyber security experts. Last year, we identified more than 2600 smishing attacks, of which we blocked 94%. In the first three months of the current year, 100% of smishing attempts were blocked.
Part of our strategy includes paying more attention to suspicious web domains, tracking them across a wider network and analyzing potential links. We are also vigilant in monitoring online resources that facilitate the sending of SMS messages anonymously. A detailed analysis of the content, style and other peculiarities of smishing messages helps to continuously improve our filtering systems. Through these methods, we constantly adapt to anticipate and counter the evolution of smishing tactics used by attackers. This ensures we are proactive and aware of new attacker patterns.” – Liviu Băltoi, Cybersecurity Consultant and Founder, sendSMS.
5 Tips from ING & sendSMS to prevent smishing fraud:
1.Beware of the sender of the message! Businesses that use SMS communication and marketing use a sender ID, which means that the sender will display the company name instead of a phone number. This sender ID is verified and implemented following a procedure similar to the OSIM brand.
Compare incoming messages that appear to be from the same source before taking action. When something looks suspicious, contact the sender on a different communication channel!
2.Do not respond to urgent or threatening messages. Attackers try to create a sense of panic or pressure to distract you from the elements that would help you realize it’s a smishing attempt.
More, if the messages have grammatical mistakes, it is an indication that the text has been automatically translated and that it is a scam. Call the phone number on the back of the card or go to an ING Office to clarify any confusion.
3.Never install software on your phone or do banking through text messages. For example, the bank will never ask you to install a program to update your data. If you receive an SMS with a link to pay for a package online or for any other reason, do not act on it, because there is a good chance that fraudsters actually want to get your bank card details.
Note that financial and banking organizations will never send you messages that contain links to update or verify your login or personal data.
4.Be careful about the web pages you are redirected to. Is the domain name correct? Does the site look suspicious? Do the texts on the website contain many mistakes or do they have robotic language? Enter the bank/company website directly from the browser, not by accessing the link in the SMS. Use a cybersecurity solution to protect your phone, tablet, or laptop.
5.If you accessed a malicious link, reset your phone to its original factory settings. If you’ve downloaded a malware app to your phone, don’t access your banking app before resetting your phone. Then reset your internet banking app password. Check for suspicious transactions and contact your bank to report the malware attack.
To recognize online fraud attempts and not fall victim to them, keep yourself informed about them from reliable sources such as the security section on the ING Bank website and sendSMS.
Tags: Warning ING Smishing attacks Romania increased times tips fraud prevention
-
