Fraudsters are committing man-in-the-middle vishing scams to exploit genuine bank account details and security information which enables them to make unauthorised payments to bank accounts under their control.
Generally, victims are contacted by a text, letter or email purporting to be from their bank, which requests that the victims contact them on a telephone number provided.
The victim phones the number provided, and the suspect then redirects them to the bank; however as the call has been redirected, the criminals have the ability to record and listen to this call as it is being made, gaining all the victim’s security answers and personal details.
The criminals then phone the bank at a later date purporting to be their customer and exploit the genuine credentials and security information gained to request a range of payments to be made from the account(s).
- Never provide personal or financial details to an unsolicited caller.
- Always contact us on a trusted number found on our website or correspondence that is known to be authentic, such as a statement. Do not call the number provided on the text, letter or email without first confirming that it belongs to us.
- If you have concerns about the validity of the caller, please hang up and contact us to request confirmation of any possible communication made by us, prior to giving out any personal details.
Advanced Fee (419) Fraud
Advance fee fraud or ’The 419 (four-one-nine) fraud’ as it's also known, is a method by which a fraudster attempts to trick you into supplying 'up-front' money to secure your involvement in their specified transaction. There are many variations of this type of fraud.
How does Advanced-Fee (419) Fraud work?
- You would first receive an unsolicited communication (e.g. fax, email, letter or website) concerning an individual, business or government entity wanting to get money out of the country
- These communications (e.g. websites, letters, emails or faxes) often look very similar to those of a reputable institution
- The fraudster then contacts you directly offering to transfer money into your bank account in exchange for a small fee
- If you respond to the initial offer, you may receive ‘official looking’ documents to complete. Typically, you are then asked to provide a blank letterhead and your bank account details, in addition to money to cover the transaction, transfer costs and attorney's fees
- The fraudster will then quickly move your money to an offshore account and then move on to their next victim.
How to recognise Advanced-Fee (419) Fraud letters
- They generally include requests for ‘up-front’ money to secure your involvement in their transaction. Hence the name: ‘advanced fee fraud’
- They are generally marked ‘urgent’ or ‘confidential’
- Often they promise millions of dollars for your help, once the transaction is completed
- They always have a scheme or reason for contacting you, examples include:
- An inheritance that is tied-up
-Diamonds in boxes that they need to get out of the country
-Millions of dollars in boxes that they need to get out of the country
-Money ‘frozen’ by government
-Excess oil or other merchandise
- Most 419-fraudsters present themselves as individuals such as doctors, lawyers, sons of ex-generals and other important persons, to trick you into thinking they are respectable and trustworthy individuals
- They are always seeking a foreign ’partner’ to help them
- They will ask for personal information about you, such as:
- personal or business letterhead
- banking information
- personal telephone number.
What should you do if you suspect a 419 scam?
Delete the email. The email, although it may look like it is addressed specifically to you, will have been sent to many people.
Malware (Trojans and Viruses)
The effects of malware can vary widely depending on what it is designed to do. Some cause little or no damage, while others can be very dangerous and deliberately target customers who bank online. Banking specific malware can gather personal or security information entered on the infected PC/laptop/phone. Such malware can gain access to the device when the user is tricked into opening or running an infected attachment they have received from a seemingly legitimate mail, through an infected file they have downloaded or even by visiting an infected website.