Breadcrumb

Phishing

Phishing scams are fraudulent email messages appearing to come from legitimate high profile companies. These messages usually direct you to a false web site to get you to divulge private information (e.g., passwords, Card information, or Date of Birth etc). Cyber-criminals then use this private information to commit identity theft, or to drain your bank account of money.

How do you recognise it?

In a typical scenario, a phisher sends a deceptive email with a “call to action” that demands the recipient click on a link. Typically, the email will have spelling mistakes and/or incorrect grammar. However, in many cases the e-mail may appear to be very convincing and have many of the logos of genuine institutions, even well known banks. Here are some phrases that may be used in a phishing e-mail:

  • “Verify your account”

  • “Respond within 48 hours or your account will be closed”

  • “Dear valued customer”

  • “Click the link below to gain access to your account”

Responsive Image

Beware of fraudulent messages just like this one which may look like legitimate KBC texts.

Fraudsters may use these types of messages to get sensitive information.

KBC will never ask you for sensitive information like codes.

How does it work?

If you enter confidential information into the fraudulent web site, the cyber criminals may be able to subsequently impersonate you in the future to transfer funds from your online bank accounts, purchase goods online using your bank cards, or inflict other forms of financial loss.
In many cases, the person responsible for the email does not directly cause the economic damage, but resells the illicitly obtained information in a variety of online forums and chat rooms.

What to do?

If you suspect you have entered personal details or KBC Online Banking login information into a fake website, please contact us immediately by calling 1800 92 93 44

How can I prevent it from happening?

  • Remember - KBC will address you by name in any correspondence.
  • KBC will never ask you by email or telephone for login or personal information, such as your login ID, passwords, activation codes or the codes from your Digital Key.
  • Never respond to any unsolicited email or phone calls requiring personal information. No reputable company will ever ask for this kind of information.
  • Use an anti-phishing toolbar. Anti-phishing toolbars are included in many of the common Web Browsers. Ensure you have the most up to date version.
  • Keep your Anti-Virus software up to date. Anti-virus vendors are also including Anti-Phishing toolbars with the latest versions of their products. However, at anytime if you feel that your computer has been tampered with in any way please ensure you change your passwords.
  • Ensure that any website requiring confidential information is using a secure connection. Always look for https and a pad-lock in the browser window and pay attention to error messages that the browser gives when it says a site cannot be trusted.
  • Never send personal or confidential information in an email.
Responsive Image

What is KBC doing to help?

KBC Bank takes security very seriously and we try to shut down fake websites as soon as they are discovered. Unfortunately we cannot provide complete protection against phishing attacks; therefore you should always keep yourself alert to phishing risks.
We will notify you via our website when new fake e-mails purporting to come from KBC are in circulation.

Should you notice anything suspicious please email us directly on alert@kbc.ie

Top Tips

  • Be suspicious of any emails / websites offering something too good to be true; it probably is.
  • Be wary of websites you hand over your credit card details to. Try to ensure that you get a reference about a website before you trust them. Use only reputable and known brands.
  • Never reveal your passwords.
  • Monitor your bank account / credit card statements regularly and report any suspicious activity immediately.

Smishing

SMS phishing is a form of criminal activity using social engineering techniques.  An SMS (or text message), or app message, purporting to be from KBC asks you to log on to KBC.ie via a fraudulent link to update your personal information. The fraudsters may then use this information to access your internet banking account.

There has been an increase in ‘Smishing’ attacks at the moment, so be alert! Remember, KBC will never ask you to provide your KBC User ID or logon to kbc.ie via any link provided over SMS.

What to do if you have received a suspicious SMS?

  • Do not use the link that is in the SMS
  • Do not send any credit/debit card information or log-on credentials by SMS
  • If you have already used the link and/or entered your details, contact the Customer Service Team on 1800 93 92 44 as soon as possible.

What to look out for

KBC are aware of campaigns whereby scam calls are coming from KBC “Fraud team” and “Card Services” and also claiming to be from other departments from the bank.

These calls are not from KBC. These callers are looking for One Time Passcodes on texts to your phone. Never give these callers passcodes over the telephone. You should hang up and call us back on 1800 93 92 44. We will never ask you for your One Time Passcode over the phone or via a text message.

Should you require any further assistance please contact customer care on 1800 93 92 44.

What to look out for - Examples

Examples

We've put together some examples so you know what to look out for. 

Suspicious Links

Fraudsters can try to trick you into giving away your security information/ access codes. Sometimes they will send an SMS pretending to be from KBC. The SMS will warn you that a transaction has gone through on your account and in order to stop it, you must click on a link.

This is done to create a sense of panic and urgency so you will click on the link and then enter your security details.
Remember: Never disclose your personal banking login or other details in response to any unsolicited request.

Do not click on any suspicious links.

Mobile & Online

Fraudsters can try to gain access to you online/ mobile app. They will the attempt to set up their own device with your details so they can transfer your money out of your account. Then they will tell you to uninstall you so you can’t see the transfers happening.

Remember: We will never ask you for activation codes. We will never send you an SMS asking you to remove/ uninstall the KBC app.

Card Fraud

Fraudsters can try to trick you into giving away your full card details. Sometimes they will send an SMS telling you that your card is on hold or an unusual transaction has occurred on your account. You will then be asked to click on a link.

Remember: Never disclose your personal banking login or other details in response to any unsolicited request.
Do not click on any suspicious links.

Security Information

Fraudsters can try to trick you into giving away your security information/ access codes. Sometimes they will send an SMS pretending to be from KBC advising you to expect a call from one of our Team. Fraudster can make their number look like a legitimate KBC number.

If you receive a call, and you are in doubt that you are speaking to a member of KBC, hang up. Call our customer service team on 1800 93 92 44.

Our staff will never pressure you to stay on a call. While we may contact you to discuss the operation of your account we will never contact you and ask for your personal banking details - like account numbers, PIN and other login details.

Spoofing

Fraudsters can and do create copies of genuine telephone numbers by “spoofing” caller ID that appears on your phone. It is important to remember that an inbound call may appear to come from a KBC number but there is no guarantee that the person calling you is not a fraudster using a fake number.

Fraudsters are targeting customers like you by calling you and claiming to be from  KBC and may trick you into thinking your details have been compromised with an elaborate story in a bid to trick you into providing personal and financial information.

These phone calls are fraudulent. Hang up and call us back and wait to speak to a customer service agent.

Vishing

Voice phishing is fraudsters using social engineering over the phone to extract private personal and financial information for the purpose of perpetrating fraud. Voice phishing is typically used to steal account details, credit card numbers or other information used in identity theft schemes from individuals.

To protect yourself, you should be highly suspicious when receiving messages requesting you call them to provide financial or personal information, if you receive such a message, only call back on a number you can verify online for the caller.