Our website uses cookies to enhance your browsing experience and to collect information about how you use this site to improve our service to you. By not accepting cookies some elements of the site, such as video, will not work. Please visit our Cookie Policy page for more information on how we use cookies.

Fraud Prevention 25/4/22

Detective Inspector Mel Smyth was in studio to discuss Smishing (fraud texts),Vishing(fraud phone calls)and Phishing(fraud emails). He explained the two elements used by fraudsters - to get control of a bank account (Account take over fraud) or to get payment card/credit card details (Card not present fraud)   

Account take over fraud

Step one

  • - thousands of text/sms messages sent out to random people: 
  • - The text will be unsolicited.
  • - Text messages will appear to be from your bank
  • - The texts will be inserted into a chain of real messages the victim may have received from their bank (via technical work by the fraudster). 

Step two

  • - The text will always call for action to attract the attention of the victim and cause alarm to prompt a quick response; EG. account holder let to believe there is a risk to their account such as a suspicious transaction or   suspicious login etc
  • - The goal is to get the caller to click on a link to a fake bank website.  

Step three

  • - The victim clicks on the link and is prompted to log into their account on a fake but very real looking website
  • - Their log in details are recovered by the fraudster who controls the website.
  • - The criminal now has access to the account online 

Step four

  • - The challenge for the fraudster is to get over the security that prevents unlawful transfers out of the account. For this he / she needs to engage with the victim.
  • - The criminal calls the victim, with a very well prepared script to convince the victim to give them security codes. For example, the criminal will try a transfer as he / she is speaking to the victim, that prompts the bank to send a security code to the phone of the victims phone, the criminal will ask the victim for this 6 digit code that has just been sent - the unsuspecting victim gives it - the fraudster transfers money out of the account, almost always to a money mule account in Ireland or abroad.
  • - The alternative is that the criminal will try and change the phone number of the account, he / she may need to get over security to get that - they will engage with the victim to get over this security - a new phone is added and all security codes are transferred to a phone in the hands of the fraudster - 

Card not present fraud.  

These smishing frauds often target payment cards - there is less of a return usually when a payment card is compromised -  

Step one

  • - A text is sent pretending to be a retailer/delivery company etc to thousands of people. This prompts the victim to pay some fee to get a product delivered or some other such story. The fee is often very small, €1 or €1.50 so the victim is not concerned!  

Step two

  • - the victim clicks a link to a fake but very real looking website, puts in their card details to make the payment.  

Step three

  • - The card details are now known to the fraudster 

Step four

  • - the card will be used to make online purchases, or to withdraw money in some cases  

Advice  

BE FRAUD AWARE  

RED WARNING FLAG 

When you get an unsolicited text from your bank or from a retailer that is causing you to be concerned about your bank account or prompting you to pay a fee by clicking on a link.

STOP - Think fraud and NEVER click on the link 

RED WARNING FLAG  

You were not thinking and click on a link that leads you to log in to your bank account or to make a payment using your debit and credit card - STOP AND THINK - IS THIS FRAUD? IT PROBABLY IS

 STOP - Think fraud and NEVER click on the link 

RED WARNING FLAG

You click on a link, log in and then receive a call from someone who purports to be from your bank or other business - they sound very professional - they ask you for access codes to your accounts, security codes sent to your phone or email, or for the pin number to your card - BANKS will never ask for log in details or security codes or answers to security questions over the phone 

STOP - Think fraud and NEVER click on the link 

NEVER click on the link 

Delete the message.

Check your account through your banking app

If you are concerned, go into your bank or contact their fraud line and seek advice

If you have given away your details and then realise it is a fraud, contact your bank immediately, ask them to recall your money, if the fraud line is busy, call into your bank and ask for help

If your card is compromised, ask for it to be cancelled. 

PROTECT your personal data, Name, Address, Date of Birth, PPS number etc

Never give this information in response to an unsolicited text, email or phonecall. 

Further information on fraud