iBusiness Banking (iBB) Security Centre
Common Frauds and Threats
Our Online Banking services are a safe and convenient way to manage your finances, but you need to take care to guard against Internet fraudsters. It is important that you are aware of potential fraud attempts that originate from the Internet. You will find information on the most common threats and frauds below:
Email Scam Warnings
The Bank has been made aware by customers of different types of email fraud. Fraudsters are sending emails:
- Purporting to be from a supplier to their Customers. The email advises that the supplier has changed their bank account number and that all future payments should be made to the new account, which actually belongs to the fraudster, and
- Which spoof the From; field, so the email appears to be from a Manager / Director / Senior Staff Member within the company. The email is requesting the receiver to ‘complete a bank transfer to ‘another account’ and appears to be sent from the email Manager’s account.
- A subsequent mail is then sent from the ‘Manager’ with the receiving account details, which belong to the criminal.
If you receive such an email, we would recommend that you take the following steps:
- Contact the Supplier / Manager / Director etc using the existing agreed number to verify the request.
- Check the email address – it may be different to the genuine one.
- Do not use the email ‘reply’ function, from within the received email.
- Never open any attachments to an email unless you are satisfied the emails are genuine.
- Please look for any wording/grammar/tone that would be unusual for your company; e.g. request to complete / sort a ‘financial obligation’ or a ‘wire transfer’.
- Check the time stamp on any emails, as this can sometimes indicate an email coming from somewhere it shouldn’t.
- Ensure that all your iBB Users are aware of this threat and that they should report any suspicious activity immediately.
Phone Scam Warnings
Reports that fraudsters are calling customers trying to persuade them that their computer/laptops are operating slowly. The criminals are attempting to get customers to agree to pay a nominal charge to fix the problems and they then trick them to make a payment for a much higher value.
Have you received a call asking any of the following questions?
- Is your PC operating very slowly?
- Will you pay a fee to get it fixed?
- Do you want them to logon remotely to your PC to fix it?
This is a Fraud Scam do not log on to iBusiness Banking to make any payments to them.
Hang up and report the call to our customer service advisers on 0370 243 0331+ or email us at firstname.lastname@example.org. Call charges may vary – refer to your service provider.
SIM Fraud Swap
What is SIM Swap Fraud?
Fraudulent SIM swap is a mobile device specific fraud where the fraudster approaches your mobile service provider pretending to be you and requests that the existing mobile number be assigned to a new or ’replacement’ SIM card. Once the SIM swap request has been processed, the fraudster is able to access the new SIM card and may divert calls and receive your SMS notifications. The objective of these fraudulent SIM swaps is mainly to intercept messages sent by SMS for banking transactions over the Internet. With texts and calls now routed to the ‘new’ SIM card, the fraudster is able to access any unique codes sent by the bank to access people’s bank account. This scam will be used in conjunction with other Common Frauds and Threats such as a Phishing or Vishing attack’s as described above.
To safeguard against SIM swap fraud, we suggest that you follow these simple steps to help stay secure:
- Never disclose any sensitive or personal information such as login details, bank details,passwords or passcodes to any source
- Never ignore an SMS message alerting you to a pending SIM swap request on your account or if you suddenly cannot make or receive calls or messages. Contact your mobile provider immediately and enquire whether a SIM swap has been processed on your number
- Protect your mobile device via password (use strong passwords that would not be easy to guess) or biometric security (fingerprint). Where possible, set the screen auto-lock timer to activate after just a few minutes of inactivity
- Disable automatic connections. Some devices automatically allow connections to available Wi-Fi networks, and Bluetooth devices may connect and transmit data without your knowledge
- Consider using your manufacturer’s applications which allow you to find and track your device if lost. These applications also give you the option of locking or wiping your phone remotely if required
- Do not open emails from unknown sources – even if these appear legitimate or authentic and seem to come from your banking institution
- Never follow a link provided to you in an email to access the Internet Banking site for your banking institution. Instead physically type the address into the browser address bar.’
If you suspect that you have been a victim of SIM swap fraud, contact your mobile provider.
Malware (Trojans and Viruses)
We would like to bring to your attention the growing threat of online fraud from malicious software (malware) such as Viruses and Trojans on our customers’ computers.
In particular, a Trojan is malicious software that is installed on any internet enabled device (e.g. computer, smartphone) without your knowledge or consent. Trojans are capable of recording your passwords and other personal details by capturing the keystrokes you enter into the device, or taking screenshots of sites you visit. These details are then sent to a fraudster. Some Trojans actually allow a fraudster to shadow your computer sessions, seeing everything you do.
You may have seen reports in the press recently regarding current threats from sophisticated malware. Although these threats are serious, you can do simple things to protect yourself. Be suspicious about any emails you are not expecting, even from trusted sources. Do not click on links contained in emails. Make sure that you set your PC to update the Operating System and your Malware protection automatically.
How do you know that you are under attack?
- Fake iBB screens or pop-up windows asking you to key details into your iBB Digipass.
- Your PC slows down while using iBB - particularly at logon
- Suspicious phone calls are received purporting to be from the bank regarding iBB; asking you to create codes on your Digipass, perform tester payments and/or authorise payments, which we would never ask you for.
REMEMBER: Always check that the Beneficiary details for payments you are authorising are legitimate.
Example of a bogus iBB screen
While the screens below may look authentic, these are examples of a hacker attempting to get security information from you to make a fraudulent payment.
For more information on staying safe online go to: https://www.getsafeonline.org/nca/
Vishing (Telephone or Voice Fraud)
Vishing is when an individual telephones you purporting to be from the Bank and requests financial and/or personal and security information. If you question their authenticity, they give you a genuine telephone number to call but they do not end the original call so that when you dial the genuine number you are still connected to the same individual or their colleague. We recommend that when you hang up you call from a different telephone number.
The term is a combination of ‘voice’ and phishing. It is typically used to steal credit card numbers or other information used in identity theft schemes from individuals.
Adware and Pop-up windows
Pop-up windows are the small windows or adverts that can appear suddenly over or under a browser window. Pop-up windows can be used to obtain personal information from an unsuspecting user. Fraudsters can also use fake ads to fool you into visiting a fake website and supplying personal details.
Please note pop-up windows can be legitimately used by some websites/offerings such as ’Verified by Visa’ and ’MasterCard SecureCode’.
Have you heard of Cyber Essentials? The new UK government initiative to prove your company’s security credentials and give you a competitive edge.
The National Crime Agency will issue warnings about any new malware attacks that people need to be aware of.
An example is a Banking Trojan known as Cridex or a related variation, Dridex. Banking Trojans are malicious pieces of software which activate when the user uses banking websites. Cridex/Dridex will look for evidence of Bacs and FPS (Faster Payments Scheme) processing software on the PC. If it finds it, the virus will then download additional malicious software to exploit the processing software it has found.
Cridex/Dridex includes remote access software which allows the attacker to alter bulk payments files to change the destination of the funds. Dridex also includes a keylogger, software that records every keystroke you make. By using this software, the attacker may be able to collect PIN and password data for use in signing submissions once they have been altered.
To get infected you will have to click on a malicious link in an email, the most common being subjects such as a fake Amazon invoice, HMRC phishing campaign or ‘you’ve got a friend, click here. It is also possible that fake websites may download the virus when visited.
To minimise risk it is recommended that access to computers used for managing Bacs payments is carefully controlled and that they are not used for surfing the web or accessing email. You should also run Anti-virus scans regularly and particularly before submitting payment files.
Other actions you should take to protect your business:
- Make sure your Bacs submission computer has up to date software.
- If you are still using Windows XP then you may be at greater risk as any software problems with it that could be exploited by a hacker no longer get fixed by Microsoft.
- Never open attachments to an email unless you are satisfied the email is genuine.
- Ensure that all your iBB Users are aware of these threats and that they should report any suspicious activity immediately.
- Delete the email immediately
- Only visit website you trust and type the address into your browser rather than following a link on an email or website.
SMS (Text Message Fraud)
Phishing is a common technique used by fraudsters in an attempt to obtain personal and security information for the purpose of identity theft or financial gain. The fraudsters use email messages that appear to come from legitimate businesses in an attempt to fool you into supplying your personal details. Financial institutions are frequently targeted by these types of attacks.
AIB (NI) may on occasion send you product related or marketing surveys via email. It is important to note that these mails will not ask you for personal or banking information.