Safe deposit box fraud among companies and self-employed people on the rise

Stay up to date with the latest measures from the financial sector

20 October 2023 - 4 min Reading time

Companies and self-employed people are increasingly becoming the target of safe deposit box fraud, a sophisticated form of fraud in which scammers pose as bank employees to steal large sums of money from business accounts. Although this form of fraud has been occurring among private individuals for some time, cyber criminals are now also targeting companies and self-employed people, causing major financial damage.

 
Your bank will never ask you to provide your personal bank codes or to transfer money to another account via telephone, email, text message or social media..”
Febelfin

How do cyber criminals work?

 

Safe deposit box fraud usually manifests itself in two distinct phases. First of all, the entrepreneur or self-employed person will receive a phishing message from an apparently reliable sender, such as a bank, the postal service, a telephone operator, etc., which leads via a link to a (counterfeit) website. Scammers use this website to collect personal information such as contact details or even codes to log in to internet banking. Once this information is provided, the scammer gains access to the business accounts and can carry out fraudulent transactions.

Smart techniques to manipulate

 

The victim then receives a call from the fraudster posing as a bank employee to warn him about some suspicious transactions that have taken place on his/her account.

For example, with the information obtained by the fraudster through phishing, he can refer to the account balance and recent transactions. In this way he gains the trust of the victim and convinces him/her to achieve the ultimate goal: transferring a large sum of money to a 'safe deposit box'. However, this safe deposit box does not exist at all, and as soon as the victim makes the transaction, he loses his money. The fraudsters use money mules' accounts to quickly transfer their loot. An alternative scenario is that the fraudster has the 'cancellation of fraudulent transfers' confirmed by the victim, while in fact he or she just signs the fraudulent transfers.

There is also the possibility that this first step of phishing is skipped, and the fraudster immediately calls the victim to persuade them to transfer money to a 'safe deposit box'. Both techniques are used by the fraudsters.

Stronger together

 

Scammers use various smart techniques that make it easy to fall into the trap. Fortunately, companies and self-employed people can protect themselves by being alert to suspicious messages and calls and following best practices.

Tips to protect your business 

 
  • Never provide the company's personal information and/or bank codes (account number, PIN code, response code) via email, text message, telephone call, a message on social media or WhatsApp.
  • The bank - or any other organization - will never make such a request. Nor will the bank advise transferring the company's money to an account of another party. There is no such thing as a safe deposit box!
  • The bank will also never ask you to install software (anydesk, teamviewer) to take over the computer remotely.
  • Did you receive a strange message or call and are you unsure about its authenticity? Then be on the safe side and don't respond to this. Don't let yourself be pressured or persuaded to act 'quickly'. Do you want more information? Then call the bank yourself. Scammers cannot intercept that call.

Got scammed?

  • Contact your company's bank as soon as possible. The bank can be reached 24/7 via special fraud numbers to report fraud online. An overview of all contact points can be found on the website cardstop.
  • Notify Card Stop (078 170 170).
  • File a complaint with the police.