Bank of Lithuania warns: beware of messages sent by scammers

“Residents would be safer if they simply ignored SMS or email. Emails requesting urgent action, such as downloading a report, activating a smart identification device, or clicking a link to submit. We recommend that all related transactions with banks or financial institutions are carried out only through the secure channels specified on the websites of these institutions: online banking, call center or application ”, says Vidas Žabinskas, representative of the Department of Operational Risks and Information Technology of the Bank of Lithuania.

Traditional channels commonly used by scammers can be email. emails, SMS messages and, in some cases, social networks and calls. The main objective of the scammers is to convince them that the message comes from a source known and trusted by the resident. This is often followed by steps that can lead to the loss of personal data or the infection of a computer with a virus.

Gavus the. a letter or an SMS message from a supposed financial institution, when asked to take a certain action, the Bank of Lithuania recommends paying attention to characteristics such as, for example, the sender’s address.

“Often the response, whether written by scammers, can be seen in the recipient of the sender. Financial institutions do not use such general emails. Email addresses such as Gmail, Yahoo, Yandex, Hotmail, etc. There are times when scammers log emails. an email address that, at first glance, is very similar to the name used by a particular financial service provider, but differs in small details, such as interchangeable “l” (lowercase L) with “I” (capital “i”), “i” with “j”, “0” (zero) with “o” or “O”, “m” with “rn”, etc., and use this address for messaging and two-way communication. If you notice such alleged inaccuracies, stop any communication with the sender, “the report says.

Another typical thing about scammers is when a person is asked to take an action, for example by clicking on an active link. Often times there is a completely different link behind a seemingly normal link that points to malicious code or a fake web page for illegal data collection. You will also be asked to open the document attached to the message.

“Malicious code can be inserted into documents in various formats (for example, pdf, Word, Excel, slides, etc.). Opening an infected document can lead to the hijacking of a computer (for example, all data can be encrypted and request a ransom, or spyware that collects sensitive personal or business data may be installed), according to the report.

It is also written that scammers often try to give the impression that the user’s actions must be immediate, otherwise the user may suffer one or another loss, for example, the user must immediately enter their login details to avoid have someone perform operations on your behalf. , or open a pin, a supposed report of suspicious activity taking place at that time, and so on.

This is to create a state of stress so that a person can perform the actions required by a scammer without considering it. If you receive a “problem” message, first contact your bank through the secure channels listed on their website, but not through the contacts provided by the scammers.

It should also be taken into account whether at the beginning of the message the sender addresses the recipient with a personal or general address (for example, Dear customer). If a general appeal is made but specific individual action is requested, this could be another factor worth addressing.

“Note that even if the sender’s address appears reliable, but there are other circumstances (urgency, active action), stop any communication with the sender and contact your bank with officially specified contacts,” warned LB.

However, if you are involved in a scam and suspect that data has been leaked or that your device has been infected, contact your bank immediately. Under no circumstances should you confirm requests that you did not initiate yourself with the Smart-ID application or mobile electronic signature. Also, immediately change your password for the accounts (email, gadgets, etc.) where you used it before. Remember that a password alone is not enough to make payment transactions, a second factor is required that is not controlled by scammers (for example, smart identification verification).

The Bank of Lithuania notes that this message is for informational purposes only. If consumers suspect they have been the victim of a crime, it is recommended that they contact the police.