The number of phishing cases continues to rise

18 March 2019 - 7 min Reading time

Despite all the warnings, the number of cases of online banking fraud further increased in 2018. A total of 9,747 cases of phishing were recorded. In this form of fraud, scammers attempt to obtain bank codes or other personal information by impersonating a bank, the police, a telecom operator, an interested buyer, and so on.

 

In 2018, 9,747 cases of phishing were identified, which is three times as many as the previous year. The increase is primarily due to the methods employed by phishing criminals nowadays. They repeatedly steal smaller amounts, but in the end, they accumulate a substantial haul. In total, the fraudsters made off with more than 8 million euros.

How do phishing criminals operate?

 

You receive a message in the name of your bank or another organization you are familiar with (police, a telecom operator, etc.). In that message, there is a link that takes you to a fake website designed to trick you into revealing your banking codes.

These codes could be the ones you use to log in to internet banking or your bank card's PIN. They could also be the numerical codes generated by your card reader, which you use to authorize your payments.

With these codes, fraudsters can make fraudulent payments on your behalf using your money. Often, you are left with a depleted bank account.

 

Not only in your inbox

 

The time has passed when phishing criminals only targeted email inboxes. They also attempt to fish for bank codes through phone calls, text messages, WhatsApp messages, and social media messages.

Second-hand websites are also plagued by phishing attempts. Phishing criminals pose as interested buyers and then ask sellers to transfer them 1 euro cent, supposedly to verify the correct name and account number. The payment link they subsequently send via SMS or social media message redirects the seller to a fake website, where they are asked to enter their bank details.

"Millions of people successfully transact on our platform every month, and while it goes well in almost all cases, every case of fraud is one too many. That's why we're happy to provide tips for safe trading. If you receive a very quick response to your ad, often in poor French or Dutch, from someone willing to pay more than your asking price, be alert. Definitely do not respond to requests to use a different email address than the one linked to the account known to 2dehands. Also, make sure to check when the account was created. If it's an account created on the same day, be extra cautious. Finally, when something seems too good to be true, it usually is," warns Petra Baeck, Marketing Director at 2dehands.

 

Sights on other data as well

 

Phishing criminals have their sights on other data as well. They are not just after your bank codes; they are looking for any information that can help them extract money from their victims.

"As it becomes increasingly difficult to hack software and computers, cybercriminals are targeting the human behind the computer. They call people and pretend to be Microsoft employees. In often broken English, they tell you that problems have been detected on your computer. Their goal is to persuade you to install malicious software on your device that steals your sensitive data or locks your computer until you pay a 'ransom,'" says Karel Dekyvere, Chief Security Officer of Microsoft BeLux.

"As a golden rule, Microsoft or its partners never call you unsolicited about computer problems. If you receive such a call, it's best to hang up immediately. Victims of such cyberattacks should report them to the police and can file a complaint with the Federal Computer Crime Unit. For tips on how to recognize a phishing attack and protect yourself, you can also visit our blog," adds Dekyvere.

 

Still gave out your information?

 
  • Contact your bank immediately to block your account.
  • Notify Card Stop immediately (www.cardstop.be or 078 170 170) if you have also provided your card details.
  • Change your codes as soon as possible. If you have given out a password that you use elsewhere, change it immediately.
 

Don't give fraudsters a chance

 

"You need to be vigilant if you don't want to fall victim to phishing. Just like pickpockets seize their opportunity when you're momentarily distracted, phishing criminals rely on the fact that your guard may be down," says CEO Karel Van Eetvelt.

So, don't play into the hands of fraudsters, and never make impulsive payments. Fraudsters often put pressure on their victims with a supposed urgent message or threats of serious consequences. Pay close attention, don't let yourself be pressured, and follow these three golden rules to prevent phishing:

  • Never give out your PIN code or internet banking codes via email, social media, SMS, or phone.
  • Ignore any message that leads you to the (fake!) payment website or app of your bank through a link. It may look like the real website or app, but it's a deception!
  • Always manually enter your bank's web address in your browser or open your bank's app yourself. Do not go there through a link!
 

Received a phishing message?

 

Do you suspect you've received a phishing message? Forward the message, without opening the links yourself, to your bank at phishing@namedomaineofthebank.be and to suspect@safeonweb.be, the reporting point of the Center for Cybersecurity Belgium (CCB). Afterwards, delete the message.

By reporting these messages, your bank and/or the Center for Cybersecurity can block phishing websites and prevent people from falling into the trap.