Phishing, Smishing and Vishing

Phishing

Phishing scams are fraudulent email messages appearing to come from legitimate high profile companies. These messages usually direct you to a false web site to get you to divulge private information (e.g., passwords, Card information, or Date of Birth etc). Cyber-criminals then use this private information to commit identity theft, or to drain your bank account of money.

How do you recognise it?

In a typical scenario, a phisher sends a deceptive email with a “call to action” that demands the recipient click on a link. Typically, the email will have spelling mistakes and/or incorrect grammar. However, in many cases the e-mail may appear to be very convincing and have many of the logos of genuine institutions, even well known banks. Here are some phrases that may be used in a phishing e-mail:

  • “Verify your account”
  • “Respond within 48 hours or your account will be closed”
  • “Dear valued customer”
  • “Click the link below to gain access to your account”

How does it work?

If you enter confidential information into the fraudulent web site, the cyber criminals may be able to subsequently impersonate you in the future to transfer funds from your online bank accounts, purchase goods online using your bank cards, or inflict other forms of financial loss.

In many cases, the person responsible for the email does not directly cause the economic damage, but resells the illicitly obtained information in a variety of online forums and chat rooms.

What to do?

If you suspect you have entered personal details or KBC Online Banking login information into a fake website, please contact us immediately by calling 1800 92 93 44

How can I prevent it from happening?

  • Please note that KBC will address you by name in any correspondence.
  • KBC will never ask you by email or telephone for login or personal information, such as your login ID, passwords, activation codes or the codes from your Digital Key.
  • Never respond to any unsolicited email or phone calls requiring personal information. No reputable company will ever ask for this kind of information.
  • Use an anti-phishing toolbar. Anti-phishing toolbars are included in many of the common Web Browsers. Ensure you have the most up to date version.
  • Keep your Anti-Virus software up to date. Anti-virus vendors are also including Anti-Phishing toolbars with the latest versions of their products. However, at anytime if you feel that your computer has been tampered with in any way please ensure you change your passwords.
  • Ensure that any website requiring confidential information is using a secure connection. Always look for https and a pad-lock in the browser window and pay attention to error messages that the browser gives when it says a site cannot be trusted.
  • Never send personal or confidential information in an email.

What is KBC doing to help?

KBC Bank takes security very seriously and we try to shut down fake websites as soon as they are discovered. Unfortunately we cannot provide complete protection against phishing attacks; therefore you should always keep yourself alert to phishing risks.

We will notify you via our website when new fake e-mails purporting to come from KBC are in circulation.

Should you notice anything suspicious please email us directly on alert@kbc.ie

Top Tips

  • Be suspicious of any emails / websites offering something too good to be true; it probably is.
  • Be wary of websites you hand over your credit card details to. Try to ensure that you get a reference about a website before you trust them. Use only reputable and known brands.
  • Never reveal your passwords.
  • Monitor your bank account / credit card statements regularly and report any suspicious activity immediately.

Smishing

SMS phishing is a form of criminal activity using social engineering techniques.  An SMS (or text message), or app message, purporting to be from KBC asks you to log on to KBC.ie via a fraudulent link to update your personal information. The fraudsters may then use this information to access your internet banking account.

There has been an increase in ‘Smishing’ attacks at the moment, so be alert! Remember, KBC will never ask you to provide your KBC User ID or logon to kbc.ie via any link provided over SMS.

What to do if you have received a suspicious SMS?

  • Do not use the link that is in the SMS
  • Do not send any credit/debit card information or log-on credentials by SMS
  • If you have already used the link and/or entered your details, contact the Customer Service Team on 1800 93 92 44 as soon as possible.

Vishing

Voice phishing is fraudsters using social engineering over the phone to extract private personal and financial information for the purpose of perpetrating fraud. Voice phishing is typically used to steal account details, credit card numbers or other information used in identity theft schemes from individuals.

To protect yourself, you should be highly suspicious when receiving messages requesting you call them to provide financial or personal information, if you receive such a message, only call back on a number you can verify online for the caller.