Scammers have once again become active with various phishing schemes to acquire personal data from clients of credit institutions using special fake advertisement links in internet search engines, mimicking real homepages of banks, warns Citadele Bank’s IT Security Office.
Fake links put in search engine results lead users to a website that is almost visually identical to websites used by banks. The goal is to record clients’ access codes and other personal authentication data. «Fake advertisements can be identified, because they will have an Ad label. Unfortunately, we receive reports that residents, either due to recklessness or ignorance, still click on such links and provide data,» explains security expert Roberts Birzgalis.
How does this type of scam work? The scammer creates an Ad in a search engine (Google or other) to make sure it shows up first in the search results. A user, thinking it is his or her desired search result, clicks on the fake link. Then he or she is taken to a phishing site that looks almost identical to the real one. Phishing sites are used to steal sensitive data (username, password, authorisation codes, payment card data).
How to identify phishing? Always check to make sure the website’s address shows up in the address bar. Users are advised to look for any changed symbols or unnecessary words in the address. If users visit websites, frequently, it is advised to bookmark it to make sure the search engine provides that and only that variant of the page.
Users are advised to not open up the first link provided by a search engine and marked with and Ad label!
Before typing sensitive data on websites (username, password, authorisation codes, payment card data), users should first make sure the website is real. No website or online payment system in use does not require users to put in their PIN code data. If a website does require it, it is a very big red flag.
The bank’s expert reminds: banks will never call their clients over the phone as ask them to provide access codes or other sensitive information!
Also read: Latvian residents lose 1.4 million euros to scams in October