When it comes to phishing, smishing and vishing, the perpetrators call, send an SMS or an email!

Phishing (i.e. via email), smishing (i.e. via SMS) and vishing (i.e. via phone call) are the most widely used social engineering methods to target bank customers.

Accessing data using fake bank emails (phishing)

Phishing refers to fraudulent emails that trick recipients into disclosing their personal, financial or security information.

How does this work?

These emails

  • can look exactly like the correspondence sent by real banks, imitating the logo, layout and tone of real emails;
  • use language that suggests urgency, e.g. there is a hint of a threat of punishment if they don't answer;
  • might ask you to download an attachment or click a link.

Cybercriminals rely on the fact that people are very busy, and at first glance, these spoof emails appear genuine. Accordingly, recipients are more likely to take the content seriously and respond to it.

What can you do?

  • Keep your software, including your browser programs, antivirus programs, and operating systems, up to date.
  • Be particularly vigilant if the bank's email asks for sensitive information (e.g. your online bank account password). A real bank only communicates with you securely through your online bank account.
  • Take a close look at the email: review it for inconsistencies and anything that doesn't make sense:
    • Pay attention to the smallest differences in the sender address: a zero could look like an “o”.
    • Hover over the sender address and take a close look at the current sender: If possible, compare the sender address of this email with previous genuine messages from your bank.
    • Look out for spelling and grammatical errors.
  • Do not reply to a suspicious email, instead forward it to your bank by entering the address yourself.
  • Do not click a link or download an attachment. Instead, enter the address into your browser.
  • Be careful when using a mobile device. It might be harder to detect a phishing attempt from your phone or tablet. You won't be able to hover over a questionable link, and the smaller screen means you're less likely to notice obvious errors. Contact your bank if it is a fictitious email - all companies strive to be aware of these scams. If you have any doubts, call your bank.

Accessing data using fake bank calls (vishing)

  Vishing (a combination of the words voice and phishing) is a form of telephone fraud in which fraudsters attempt to trick the victim into disclosing personal, financial or security information or transferring money to them.

What can you do?

  • Beware of unsolicited phone calls.
  • Get the caller's number and say you will call back.
  • To verify the caller's identity, find the organization's phone number (on its website or through an Internet search) and contact them directly.
  • Do not accept the caller using the number he gave you (it could be a fictitious or fake number).
  • Fraudsters can find basic information about you or your company online (e.g. on social media profiles). Don't assume that the caller is real just because he has this information.
  • Do not reveal your debit or credit card PIN or your online banking password. Your bank would never ask you for this information.
  • Do not transfer money to another bank account upon request. Your bank would never ask you to do this.
  • Report it to your bank if you believe it is a fraudulent call.

Accessing data using fake bank SMS (smishing)

  Smishing (a combination of the terms SMS and phishing) is the attempt by fraudsters to obtain personal, financial or security-related data via text message. They pose as a credible source by posing as a bank, card issuer, or utility or service provider.

How does this work?

These messages typically ask you (usually urgently) to click a link to a website or call a phone number to verify, update, or reactivate your account. The link then leads to a fake website and the phone number to a scammer posing as a representative of a legitimate company. The goal is to get you to reveal any information that could help scammers steal your money.

What can you do?

  • Do not click on any links, attachments, or images received in unsolicited text messages without first verifying the sender. You can do this by searching the number on the Internet (if it's a scam, you're probably not the first) or comparing it with the official number of the sender it claims to be from.
  • Don't be rushed. Take your time and do the appropriate checks.
  • Never respond to a text message that asks for your PIN, online banking password, or other security information.
  • If you are concerned that you have responded to a smishing text and shared your banking information, contact your bank immediately.

Download the Phishing information sheet
Download the Smishing information sheet
Download the Vishing information sheet

Source: Internet Crime Guide | Police Lower Saxony | Joint cyber fraud awareness campaign between Europol and the European Banking Association (EBF) as part of the European Cybersecurity Month (ECSM)


If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:

📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.

Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!

* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!


Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )