Issue Date: 16th November 2023
Fraud Awareness: An Garda Síochána remind the public to be suspicious of texts/calls asking for personal data
• Smishing and vishing up 20% year to date
• Account takeover fraud down 48% to Q3 in 2023
• Over 1,000 reports of account takeover fraud amounting to almost €7 million stolen to date in 2023 (v. 2361 reports, almost €11 million in 2022)
• 62% of victims aged 26-60 (58% female, 42% male)
• People aged 40 – 60 most likely to be victims
An Garda Síochána is asking members of the public to always be suspicious of texts and calls asking for any personal data or money. Sophisticated fraudsters use texts, calls and emails to trick members of the public into giving away their personal data, enabling the fraudsters to take over their bank account/devices or debit/credit card details. In 2022, account takeover fraudsters netted almost €11 million in Ireland.
What is account takeover fraud?
This is where an individual receives a text (smishing), call (vishing) or email (phishing) from a fraudster that appears to be from a bank, service provider, delivery company or government agency and aims to take over their bank account, devices or debit/credit card details.
If it’s a text (smishing), usually the fraudsters get the individual to click on a link and insert their PIN. This could be followed up with a call from the fraudster pretending to be from their bank. The result is the fraudster takes over their account or adds beneficiaries (i.e., money mules) and makes online transfers. Or, they may get the person to pay a small amount (e.g., customs charge) with their card details and use these to make other purchases online.
If it’s a call (vishing), the fraudster may phone the person to tell them that they are ‘under investigation’ for tax fraud and that they can resolve the matter by paying their bill immediately. They may ask for their bank account details, credit card details, PPS number, etc. Or, they may encourage them to download software (e.g., AnyDesk) so they can take over their computer.
Common types of smishing/vishing:
• Revolut
• Banks
• Delivery service
• Eflow
• Service Provider
• Child in trouble
• Government Departments including Gardaí
How to avoid account takeover fraud?
• Be wary of texts (even those in the thread of previous genuine texts from banks), especially if you are expecting a delivery
• Be wary of cold calls – always ask the caller their name and for their phone number. If you have any concerns just hang up and ring your bank/service provider using the number on your bill/statement – just because it looks like an Irish number doesn’t mean it is
• Don’t download any Apps that give fraudsters control of your device
• Never ever click on links
• Never ever give away your personal data (e.g., bank details, PIN numbers, passwords, one time codes, PPS number, Eircode, etc)
• Do not transfer any money
• Get advice from a trusted person before taking any action
• If you have been a victim, change your passwords/pin codes, report it to your bank ASAP and ask them to do a recall, then report it to Gardaí.
Speaking at today’s briefing Detective Superintendent Michael Cryan of the Garda National Economic Crime Bureau said:
"Practically everyone in the country has got a text that looks like it’s from a reliable source and yet it’s not – anyone can be a victim, regardless of age or where they live. And, remember Revenue will never call you to tell you that you are under investigation either. Our advice is always to be wary of any concerning texts or calls – just stop and think before you click on anything or show it to someone you trust for a second opinion. Never give away your personal data and if you have been a victim of account takeover fraud make sure you change your passwords and contact your bank as soon as possible and report it to Gardaí.”
An Garda Síochána is advising members of the public who believe they are a victim of fraud or think their account has been compromised, to contact any Garda Station.