Gardaí and Banking & Payments Federation Ireland (BPFI) have alerted the public to an ongoing text message scam designed to gain entry to personal bank accounts.

The smishing alert came from the Garda National Economic Crime Bureau (GNECB) and FraudSMART, the fraud awareness initiative of BPFI.

Consumers are being advised to be on the alert to the text message or ‘smishing’ scam in which victims receive a text appearing to be from their bank asking them to confirm personal details or click on links to unfreeze their account.

“Your bank will never ask for your personal information so never give your financial or personal information in order to release money, refund fees, or access to your computer”

The purpose of the scam is to obtain personal information that will allow criminals to steal money from bank accounts.

Be wary

Detective chief superintendent Patrick Lordan, GNECB stated that banks and other financial entities will never make unsolicited contact with individuals asking for personal details, account numbers, 4-digit pin number or passwords.

“People receiving unsolicited communications looking for these personal details should not reply to text messages, emails or other communications. They should contact their bank independently to check on the validity of the communications they have received before taking any action,” Lordan said.

Niamh Davenport, who leads BPFI’s FraudSMART programme, urged consumers to always be wary of any unexpected calls or texts which appear to be your bank especially those asking for personal details or payments.

“Your bank will never ask for your personal information so never give your financial or personal information in order to release money, refund fees, or access to your computer. Fraudsters are very convincing but don’t be afraid to take the time to make the relevant checks. The scammer will try to rush you, but this is all designed to panic you into doing something you wouldn’t otherwise do.”

Key details of the scam

  • The message will imitate a text from your bank.
  • The message will typically ask you to click on a link to a website to “verify”, “update” or to “reactivate” your account.
  • It may ask you to reply to the text message with personal or financial information or to click on a link to website.
  • If it includes a link, the website is a fake one. The website will then attempt to get you to disclose personal or financial information. If clicked on it also could download dangerous software known as malware to your computer or mobile device.
  • Often the text will create a sense of urgency to make you act without thinking e.g. your money is in danger or your account will be frozen.

Warning signs

The following are some warning signs:

The text message will be unsolicited

  • The text message will always seek information that allows access to bank accounts, Note; banks or other financial institutions would not look for that kind of information!!
  • The text will instruct the individual to go to a website or make a phone call to a specified number
  • The text will create a fear that if the customer does not take action requested in the text, their account will be compromised
  • The text will emphasise the need for urgent action by the recipient of the text

What can you do?

  • A text from your bank will not ask you for any personal information, only ever respond Y or N to bank text messages.
  • Never respond to a text message that requests your 4-digit card PIN or your online banking details or any other password.
  • Do not respond to unsolicited text/SMS messages before independently validating who the text appears to be from. Never use the number in the text message. For your bank, use the number on the back of your debit / credit card.
  • Don’t be rushed. Take your time and make the appropriate checks before responding.
  • Do not click on a link, attachment or image that you receive in an unsolicited text without first verifying the text and understanding what you are clicking on.
  • If you think you have responded to a smishing text message, contact your bank immediately.

Cybercrime image: serpeblu/Shutterstock 

Written by John Kennedy (john.kennedy3@boi.com)

Published: 21 August, 2019

Recommended