With the recession that is biting hard and the level of hunger in the country, crimes are on the increase, criminals seriously devising different dubious means to cheat people off their hard earned money and make ends meet for themselves.
Internet fraudsters are also on the increase devising different techniques to confuse bank customers who make use of the electronic system in order to have access to their funds and swindle them. One major way is to intercept their online transactions to get information about account holders.
One major way they achieve this is by sending spam emails/fraudulent messages to customers to get information about their account. I get such messages too. In fact, I have gotten no fewer than 10 of such in less than two months. Some even go as far as calling, pretending to be from your bank’s customer care unit.
Often times, they send junk emails to a large number of customers using logos similar to the original banks and wait for the customers to respond to such emails.
An unsuspecting customer may think the email is from his bank and if he discloses any information concerning his account, he may fall victim to the fraudsters.
You may wonder how these fraudsters, get your email address or phone number. They work by embedding dummy Trojan software on your personal computer, or by getting you to visit fake websites to enter personal details, or by capturing personal details directly from your computer (now extended to cell phones).
The emails are often hard to spot and can look like they come from common financial institutions and social networks.
Some of the junk emails usually come in this pattern:
“Dear esteemed customer, you would have to confirm you are an active account holder with us by following the procedures from your XYZ bank account. Thank you for choosing XYZ Bank.”
The fraudsters then go on to send some emails, which they could use to track the customers’ accounts.
One Mrs. O was recently swindled of N300, 000 after disclosing her account details to someone who called pretending to be from her bank. The person had called her to say her account have been deactivated because she hadn’t updated her BVN details, asking her to released her account details for it to be activated. In just a matter of minutes, she gave the information, the whole money in her account was gone.
Although many have fallen victim to this same trick, many will still fall victim not knowing how to identify these fraudsters.
To avoid being a victim, here are some tips to note:
1. Note that: No financial institution or agent will ever call or send an email to request your passwords, card number, card expiry date or Personal Identification Number. To give out any of these information to the bank, you are required to visit the bank or its official website which is usually written on the debit or credit cards with you. Please ignore any message that is not sent directly from his bank’s website.
2. Notice Red Flags: Red flags include requests for personal information such as banking details and password changes; prompts to click on links or download attachments, and requests from institutions you don’t already have a relationship with. Treat any red flag emails with caution and proceed to the next steps. Warning: Don’t click on a link within an email if you have any doubt as to the legitimacy of the message.
3. Check For…
- Alert-style text within emails that suggests your security has been compromised and that the embedded link you are being urged to click on will fix the problem. This is a pressure technique that instills a sense of urgency; just as you would in entering a common purchasing transaction, take the time to evaluate.
- Language that implies something onerous will happen if you don’t click on the link within the email message –for example, that your account will be closed.
- Bad grammar, strange capitalization or spelling mistakes. Legitimate companies usually put efforts into catching mistakes before releasing an email. Peculiar text can be used to circumvent spam software.
4. Look Closely At Links: Place your mouse over the common language link in the email again, without clicking on the link to see if the link’s web address is repeated within the status bar on the browser or email client.
A legitimate link will echo the text in the message. For example, the link in a message from the XYZ Bank will read https://www.xyzbank.com/link, or similar, rather than http://somethingelsefakebank.com/link or similar, or a series of numbers, called an “IP address,” like http://188.8.131.52/link, or similar.
5. Check Header: Check the sender’s actual address in the message header against “from address.” The displayed ‘from name’ is easier to fake than the sending mail address. The actual addresses should match, or the sending mail address should clearly originate from a legitimate institution sending a message.
Legitimate institutions will not send downloadable email attachments unless you have already entered into a dialogue with them about it. Never download attachments with “.exe” extension.
6. Take The High Road: Browse to the sender’s website directly. Do this by manually entering the web address root in a web browser address bar. Then, use the website’s navigation to find the information referred to in the email message. If the email message was legitimate, the contents will be available on the website too.
When browsing, check the browser’s address bar for the correct institution’s address, for example, XYZ Bank. Even if the web address has the bank’s name, it may not be the bank’s website. For example, XYZBankSecure.net is not the same as XYZ Bank.com.
7. Delete Message: Once you notice it is fraudulent, simply delete the bogus email message.