Cybersecurity experts warn of the increasing number of attempts by fraudsters to defraud residents of their money using fake bank advertisements on social networks. Although this type of fraud is not new, criminals are coming up with increasingly diverse forms of it. Dr. Dalia Kolmatsui, Head of Private Client Services at Šiaulių Bankas, draws attention to the fake advertisements that have been spreading most frequently on Facebook in recent months, offering rewards for participating in a bank survey. Falling for such a scam can result in financial losses.
Classic online fraud in a new guise
D. Kolmatsui says that the first attempt of this type to defraud bank customers was recorded about two months ago, and later repeated attempts to apply a similar scheme were noticed. Advertisements allegedly from Šiaulių Bankas are published on social networks, in which bank customers are invited to click on an online link and take part in a survey. For this, 175 euros or other monetary reward is promised.
If you believe the advertisement and click on the link, you are directed to a fictitious page, where you are asked to log in to your bank account after filling out the questions provided, enter your e-banking login or bank card details. After doing this, you have to wait, and while the "login" is taking place, using the entered details, the fraudsters connect to the client's Šiaulių bankas account, where they initiate transactions, and the unwary client approves outgoing payment transactions, thinking that they are approving the login.
"The recent wave of advertisements offering to participate in the survey shows that criminals continue to be active in the social media space, lurking for their victims, and repeated attempts to use this scheme mean that it is at least partially effective. We know that such fake advertisements are used to deceive not only our customers, but also customers of other banks operating in Lithuania, and certain signs indicate that this criminal activity may be organized from abroad," says D. Kolmatsui.
Much effort is being made for prevention
According to D. Kolmats, Šiaulių bankas devotes a lot of resources to the prevention of these and similar frauds and applies advanced monitoring mechanisms. As soon as fake advertisements are noticed or customers report them, the bank aims to promptly remove such content from social networks and the Internet.
However, D. Kolmatsui notes that social media companies do not always respond promptly to reports of scammers. In addition, even after eliminating one threat, criminals can easily create and spread new advertisements of a similar nature. Therefore, according to the expert, it is necessary for residents not to lose vigilance, to critically evaluate content on the Internet and not to be tempted by generous rewards, gifts or overly good-sounding offers.
"We constantly inform our clients about this, but there is still a widespread stereotype that only older people or those who rarely use the Internet fall into the traps of scammers. Recent cases of fraud using fake advertisements show that people of all ages and education levels are susceptible to the tactics of criminals. Such fake advertisements, unlike some other "phishing" attacks, are aimed at a very wide audience - their goal is to reach as many people from various backgrounds as possible. A lot of money is invested in this. Defining a general portrait of victims would also be very difficult, which only confirms that cybersecurity hygiene and habits are necessary for everyone today," notes D. Kolmatsui.
It is important to stay alert.
The expert emphasizes that Šiaulių bankas never asks customers to provide e-banking login or bank card details, does not offer rewards for surveys, and does not invite them to participate in them via social networks. It is also very important to never approve transactions that you did not initiate yourself.
D. Kolmatsui also urges not to click on any suspicious links, and in order to log in to your e-banking, she recommends manually entering the bank address in the browser. Login links received via SMS messages, e-mails or distributed on social networks, according to the bank representative, are almost certainly a scam, so you should not click on them.
Even if you click on a fraudulent link, damage can often be avoided by stopping in time and not entering the bank login or card details you typed in. You can only enter them by going directly to the required page yourself and being 100% sure that the website of the bank or other platform you are connecting to through the bank is genuine.
"Most phishing attacks aim to disguise themselves as well-known institutions, companies, and brands. For this purpose, their communication style and visual identity can be imitated quite convincingly. However, certain details often betray the deception - a strange or unusual domain of the page to which the link leads, an unusual address of the sender of the message or letter, the text of an advertisement or information message resembling an automatic translation, etc. For example, some of the fake advertisements in question were distributed through accounts that are in no way related to Šiaulių bankas. In other cases, fake bank accounts were used, which is easy to verify by visiting the real one. Unreliability when browsing the Internet should become a natural state," says D. Kolmatsui.
