Fraud with Fake SMS and Calls from 'Banks': How Not to Fall for It

How Fraud Schemes with Bank Calls Work 

Phone fraud with cards remains one of the most common threats. Criminals pose as security service employees and under various pretexts try to obtain the victim's data. They may claim that money is being withdrawn from the card, offer to block a suspicious transaction, or demand identity verification.

Main Tricks of Fraudsters: 

1. Intimidation with an emergency situation: fraudsters talk about an attempt to withdraw funds or hack an account.
2. Creating panic: the victim is convinced that they urgently need to confirm the transaction, otherwise they will lose money.
3. Number spoofing: calls come from numbers that mimic official bank contacts.
4. Request for confidential data: fraudsters ask for the SMS code, CVV code, or passport data.

Some schemes have become more technological. For example, criminals use artificial intelligence to create realistic voice messages. This allows them to mimic the speech of bank employees, making the scam more convincing.

Another tactic is using a bank client database. Hackers buy lists of phone numbers associated with certain financial institutions on the black market. This makes their calls more credible, as they address the victim by name and accurately name their bank.

Fake Bank SMS: How to Recognize Them

The deception of bank clients using fake SMS is aimed at gaining access to the victim's finances. Most often, such messages contain a request to confirm a transaction, block a card, or follow a link for authorization.

Signs of Fake SMS: 

1. Errors in the text or strange wording.
2. Sender numbers do not match official bank contacts.
3. Links lead to fake websites mimicking bank pages.
4. Demand for urgent entry of a password, confirmation code, or other personal data.

Some messages contain threats, such as a notification about account blocking if the client does not perform the specified action. Such methods exert psychological pressure, forcing the victim to make a quick decision.

Fraudsters may also send fake SMS when the client is actually performing a transaction. For example, if a person transfers money to a friend's card, criminals may send a message from the 'bank' asking to cancel the transaction and transfer the money to a 'safe account'.

Scam for Payment Confirmation and Confirmation Codes 

Scams with confirmation codes aim to make a person hand over their login data for the bank or conduct a transaction to the fraudsters.

Most often, criminals use such scenarios:

1. Reporting a suspicious transaction. The 'security service' calls the victim and reports that someone is trying to withdraw money from their account. To cancel the transaction, the SMS code must be dictated.
2. Requesting confirmation of login to the personal account. Criminals send a login request to the mobile bank and then call the client, persuading them to provide the code.
3. Convincing that account access will be blocked. In some cases, fraudsters claim that to continue using banking services, verification is needed.

In reality, passing the confirmation code to third parties is dangerous: criminals can gain access to the account, change login data, and withdraw money.

An additional risk is associated with SIM replacement. If fraudsters manage to obtain a duplicate of the victim's SIM card, they can independently request confirmation codes and manage bank accounts.

Another scheme is bank site spoofing. A person enters their data on a fake page, after which fraudsters use the obtained information to transfer money.

How to Distinguish Fraudsters from a Real Bank 

To not fall victim to a scam, it is important to understand the difference between the actions of a bank and fraudsters.

A real bank never:

1. Requests the card's CVV code, passwords, and confirmation codes.
2. Asks to transfer money to a 'safe account'.
3. Requires the installation of third-party applications for protection.
4. Sends links to unfamiliar websites.

How to Protect Against Fraud: 

1. Check call numbers through the official bank website.
2. Ignore SMS with suspicious links.
3. Use only the official banking app.
4. In case of doubt, call the bank back at the number from its website.
5. Disable the ability to restore the SIM card number through the operator's phone support.

Additional Security Measures:

• Enable two-factor authentication for bank login.
• Set limits on transfers and payments.
• Check account statements to quickly identify suspicious transactions.
• Use virtual cards for online purchases.

Criminals constantly improve their fraud schemes, but attentiveness and following security rules will help avoid financial losses.