Head of Financial Crime & Security, Ivan Olivera talks about the risk of email fraud and what to be aware of in general and as a client of a bank.

As they say, digitalisation is bringing great advantages to our daily life and into modernising our way of conducting simple tasks. However, with advantages we also have disadvantages that challenge us to increase our security. As we normalise the amount of time we use the internet to do our daily tasks, we also need to be aware that cybercriminals are also spending a great amount of time studying behavioural patterns and coming up with new tactics to exploit the public.

Lately we have seen an increase in email scams where the methods used are becoming more sophisticated. For example, cybercriminals will often impersonate a senior person in an organisation who is authorised to conduct bank transfers by using the same email format. 

Gibraltar as a jurisdiction has lately been the focus of cybercrime attempts via SMS mobile phone messages and email scams. The scams appear to be genuine messages from the respective bank requesting the client to click on the links provided and proceed to give their security details, username and password. 

It should be noted that Trusted Novus Bank (TNB) will never :

• email or text you asking for you to verify your account or security details
• email, text or call to ask for your card details, PINs or passwords
• email or text you a link that takes you straight to the online banking page

It’s imperative to be vigilant and alert to anything suspicious, and to contact your bank if in doubt.

Here are some “Red Flags” to look out for to help prevent the risk of fraud:

• Do not trust the displayed name in the email
• Look but do not click
• Never provide sensitive information
• Beware of ‘urgency’
• Check for spelling or grammar mistakes
• Look at the salutation
• Check the domain if possible
• Take care with attachments
• If an SMS message or email purporting to be from your bank asking to confirm your security details – Do not reply or click any links.

If you have accidentally handed over your personal details, or transferred money, to a fraudster, please contact us straight away.

In connection with fraud, you have probably also heard of phishing and pharming.

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. The information is then used to access important accounts and can result in identity theft and financial loss.

Pharming is a cyberattack to redirect a website’s traffic to another, fake site. Pharming may cause users to find themselves on an illegitimate website without realising they have been directed to an imposter site as this site may look exactly like the real site. Online banking websites as well as e-commerce organisations are popular pharming targets.

Phishing and pharming threats, if used simultaneously, cause the most potential for online identity theft. Unfortunately, anti-virus and anti-spyware software are often incapable of protecting against this type of cybercrime.