Banks will never send you links to web pages that require you to enter your personal account information and passwords!
What is phishing?
“Phishing” is a word formed by combining the words “password” and “fishing” . Criminals “fish” for passwords and personal information by sending you an e-mail containing a link that you are expected to open and enter your bank and credit card details.
The layout and design of such mails are confusingly similar with those sent by your bank. If you enter your details, then you provide them with access to your account and therefore to your money. Other practices for fishing for your data are by SMS (smishing) and by phone calls (vishing).
How do you recognise phishing messages?
Phishing mails lead you to believe that they originate from your bank, and containing a convincing reason for why you should enter your access details.
- The salutation is not personalised – as the messages are sent out to a large number of people. Your bank will address you by your name.
- Grammatical and spelling mistakes make be a strong indication of such a mail.
- You are urgently requested to reveal personal details and threatened with charges or your account being blocked.
Watchlist Internet:You may report phishing messages to Watchlist Internet. The website www.watchlist-internet.at publishes a continually updated list of phishing warnings on the page »Unseriöse Webseiten« (dubious web pages).
How can you protect yourself?
- Be careful when reacting to e-mails and SMSes! Never click on links contained in a suspicious message, and do not download attachments.
- Compare the sender’s e-mail address and the URL of the website precisely with those used by your bank! Fraudsters often change one character or insert a prefix like “Info-”.
- Never send your account details and passwords by e-mail, and never enter them on suspicious websites.
- Check your account balance and account movements regularly. That way, you are able to react quicker to fraudulent outgoing transactions.
- Check your bank’s website about whether warnings have already been published.
- If in doubt, always contact your financial service provider by phone.
As well as financial services, the following sectors are frequently affected:
○ online shops
○ social media
○ IT companies
○ telecommunications companies
○ delivery companies
What should you do if you have become a victim?
- Contact and inform your bank or credit card company immediately.
- You may need to have your account and cards blocked.
- Change your passwords, and use a password management programme to generate and manage strong passwords.
- Beware of additional payment fraud attempts! Criminals will often contact you again demanding further payments.