Common Frauds and Threats

Click on the headings below to find information on the most common frauds and threats:

• Investment Scam Warning – Criminals are using genuine AIB staff names in the latest scam

  AIB urges people to exercise caution as a number of investment scams are in circulation. Most of these scams bear similar hallmarks with minor variations. In the current scams criminals are using a fake AIB email address with a real AIB staff name e.g. johndoe@aibirish.ie rather than johndoe@aib.ie. A person is contacted by a bad actor after filling out a contact form on a fake website purporting to offer investment products from legitimate, well-known names in financial services. The scammers often share sophisticated brochures and materials that appear legitimate. After the person fills out all the relevant ‘documents’, they are asked to transfer their money to an account which they later realise does not belong to the financial services firm and their money has been stolen. This often happens under a degree of time pressure, for example “to get the best rate of return”. Some of these scams also attempt to defraud customers seeking to invest in crypto currencies.
  

  AIB urges people to:

  • Ensure you verify the contact details by checking the official company’s website.
  • Do not call the number provided on the email. Search and confirm the phone number using the bank’s website.
  • You can also cross reference email addresses to ensure they are aligned with the format of the firms existing email addresses as shown on their website.
  • Ensure any website you use is secure and genuine by checking for the padlock symbol to the left of the web address and if it’s not there, beware.
  • Check the advisor out, look them up to see if their business exists by ensuring their office location and telephone number are genuine.
  • Call your bank before you make the payment and ask them to check the transaction and beneficiary account. This one call could save your money from being stolen by fraudsters.
  • Check the Central Bank of Ireland’s consumer hub and its list of unauthorised firms for guidance on how to protect yourself from financial scams. Simply enter ‘search for unauthorised firms’ on centralbank.ie.
  • Always seek investment advice from a regulated financial advisor even when recommendations are made by people you trust, such as family or friends.
• Remote Access Warning

  Criminals are calling people pretending to be from the bank advising that there is a problem with your account or a fraud payment. The purpose is to trick you into allowing them to install remote access software (e.g., Any Desk) on your computer. They then try to make payments themselves and convince you to authorise them by providing codes from your Card Reader. Don’t Engage. Hang up. Warn your staff if you are a business.

  • A call is received from a person purporting to be from your bank or a service provider like a utility company.
  • They try to convince you they are genuine - sending texts confirming they are from the bank and ask questions like, what kind of devices you use for online banking?  or Tell you there is a payment leaving your account or that there is an Issue with your Internet Router.
  • They try to get you to let them download software to fix the problem.
  • The software enables them to login to your account remotely:
    • The name of one of the ones that they use is AnyDesk via AIB [or some version of the bank name].com
  • They log into your online banking.
  • They can see your transactions and use the information to convince you they are genuine.
  • Their aim is to steal your money.

   

  Never give codes from your Card Reader or Digipass to someone who calls you. 

• The Mum and Dad WhatsApp Scam

  In this scam criminals contact you on (usually on WhatsApp) from an unknown number, pretending to be your child or grandchild who needs help.

  The messages might look like this:

   

  The message will go on to ask for money for something dramatic and urgent.

  This is usually a scam where criminals are trying to get you to transfer money to them.

  What to do:

  • Call the family member on their usual mobile number to check are they OK.
  • If you need to engage with the scam text, ask questions only your family member would know.
  • Don’t pay anyone unless you know who they really are. If you send money to a criminal through your AIB account, we will not be able to get it back for you. 
• Text Message Fraud
  Text Message Fraud is a common technique used by fraudsters in an attempt to obtain your personal banking and card information for the purpose of identity theft or financial gain. The fraudsters send text messages that appear to come from your bank or from legitimate businesses in an attempt to fool you into supplying your personal details.

  These text messages can appear within a genuine thread of messages and will request that you log in to a fake website or call a number.  This type of scam can be referred to as ‘Smishing’.

   

  • NEVER disclose your Registration Number or Personal Access Code (PAC) or Card information after clicking a link in a text
  • NEVER generate codes from your AIB Card Reader when they are requested by a text message or on receipt of an unexpected call.
  • NEVER move your funds to a safe account.
  • NEVER divulge your One Time Passcode (OTP) for Card transactions.
  • REMEMBER we are not making house calls to collect your cards

  
  NOTE:  AIB may on occasion, send you product related or marketing surveys via SMS. It is important to note that these text messages will never ask you for Internet Banking log in details or personal information.
  

• Investment Fraud
  Investment Fraud is one way criminals can steal your money. They try to convince you to invest in a scheme, shares or commodities, which either don’t exist, or aren’t worth the money paid for them. These scams are common and are usually perpetrated through aggressive sales tactics.  They’re well organised and very convincing. Scammers will target anyone who responds to them and build trusting relationships with their victims over a period of time. Unfortunately, many of these scams are successful. There are many types of scams fraudsters use to persuade you to part with your money.

   

  If somebody contacts you out of the blue by phone offering you the opportunity to invest in shares that are about to go through the roof - hang up immediately.  Do not respond to unexpected emails or click on adverts across social media or online. The criminals may have researched you and appear to know a lot about you. These criminals will do their homework and make it their business to know as much about you as possible before they contact you. They will give you details that you think only a genuine investment company would know, such as a previous investment or share information. Watch out for offers endorsed by celebrities, these endorsements are totally false.  Be cautious where the rate of return is very high and often advertised as guaranteed or risk-free.

   

  These criminals will attempt to build a relationship over time. And watch out! An initial small investment may actually produce some returns before you are encouraged to invest a larger amount. If you are contacted by someone claiming to be from a well-known company, check them out independently with the company, look up the company on Google and ring the contact details on the website, not the number you have been given by the caller.

   

  The caller may ask you to download software to your PC which will provide them unlimited access along with the ability take control of your PC and manipulate the images you are being shown on screen. They will say they are helping you to make a payment and will ask for login information to your AIB online banking along with security codes from your card reader/Digipass. Others will request payments to be made via Debit/Credit card. Never provide one time pass codes received via SMS. NEVER give codes from your card reader/Digipass on foot of a phone call. Never provide login or card information on foot of a phone call. Some of the scams ask you to buy Bitcoin or a cryptocurrency to invest in the scheme. They will set up accounts for you within these companies. Do not provide photo ID, Proof of address without verifying the legitimacy of the caller.
  

   

  Remember: If it sounds too good to be true, it certainly is! 
  

   

  Always remember: 

  • Check if the company is authorised (by a financial regulator) to deal in such investments

   

  The Central Bank of Ireland advises that Consumers should take the SAFE test before making any financial decisions or providing any personal information:

   

  S – Stop: Stop, think and ask yourself – What? Who? Why? Do I feel rushed to act?

   

  A – Assess: Make sure the firm is legitimate   

               

  F – Factcheck: seek advice to ensure service or product is genuine

   

  E - Expose and report: any concerns contact the Central Bank

   

  • The Central Bank’s website includes a list of unauthorised firms in respect of which the Central Bank has published warning notices. You will note that these warning notices relate to firms that purport to be based in Ireland and in other jurisdictions. However, please also note that there may be unauthorised firms that have not yet come to the attention of the Central Bank. Members of the public can report alleged instances of unauthorised activity through the Central Bank’s website or directly by telephone.  

  Details for making reports are contained at https://www.centralbank.ie/regulation/how-we-regulate/authorisation/unauthorised-firms.

  • The Financial Conduct Authority in the UK also have a website where you can check investment firms at https://www.fca.org.uk/scamsmart/warning-list

  If the firm isn't on the Warning List. Even if a firm isn't on the Warning List, it might still be a scam. You should check it's an authorised firm on the Financial Services Register. Even if it's on the FS Register, it might still be a 'clone firm' pretending to be a genuine firm and you should do more checks.

  • Get Independent advice from a qualified financial advisor
  • Report any unsolicited contacts to An Garda Síochána / Police
  • Reject cold calls. If you have been cold-called about an investment opportunity, it is very likely that it is a high risk investment or SCAM
  • Do not respond to high pressure tactics
  • Do not divulge any of your personal or banking information prior to verifying the caller independently. If you have provided any information contact us immediately
  • Persistent emails can be marked as spam and block unwanted emails

   

  If your investment or transfer turns out to be fraud, it is very unlikely that AIB will be able to recoup the funds

  If you would like to get in touch please check the Contact Us section to get appropriate details.
  

• Cryptocurrency Scams
  Cryptocurrencies like Bitcoin are popular investments. Like everything popular, they attract scams.

   

  Fraud in cryptocurrency investment is on the rise.

   

  Here are some tips on how to be vigilant and to help keep you safe:

   

  What to look out for:

  Someone calls who:

  • Seems to know about you (they use social media)
  • Promises big returns and offering to help you get them,
  • Calls or emails unexpectedly with a sense of urgency

         

           It’s a scam. End the call. Don’t trust; don’t invest.

   

  Odd behaviour:

  • You are hurried into making a decision.
  • You are asked to keep an investment opportunity a secret.
  • Make sure you're happy that a website is genuine and that there are no online warnings about it before you log on.
  • Fake sites may ask you to pay in multiple ways.

   

  Websites, ads with great deals:

  • If it looks too good to be true, it is too good to be true. Many investment promises are fake.
  • Make sure you're happy with a site before you log on.
  • Fake sites may ask you to pay in multiple ways.

             

           Check if the site has a number to call. Call it to verify.

         

           Look for the closed padlock image address bar at the top of your screen - this lets you know that the link to a site is secure.

   

           A secure site will also have https:// at the start of its address. But remember, these do not mean a site is genuine.
  

   

  If it's a scam, you will not get your money back.

   

  • The Banking and Payments Federation Ireland have a website fraudsmart.ie that provides useful security awareness information.
  • The Central Bank of Ireland provides advice on their website at  https://www.centralbank.ie/regulation/how-we-regulate/authorisation/unauthorised-firms/avoiding-scams-and-unauthorised-activity
  • In the UK there is a service available from the Financial Conduct Authority (FCA) - The FCA site has a register of companies who are allowed to offer products and services. It also gives advice on how to spot a scam and avoid fake companies. You can go to the FCA here.
    
• Phone Scams
  Theses scams are when an individual calls you claiming to be from the Bank, or a company providing a service and request financial and/or personal and security information.

   

  • This type of scam is referred to as 'Vishing', which is a combination of ‘voice’ and phishing. It is typically used to steal credit / debit card numbers or to gain access to your Internet Banking.

   

  If you suspect any fraudulent activity from any call you receive, you should end the call and verify the identity of the caller using a known number.

   

  Some of the scams currently in circulation are where customers have received fraudulent calls claiming to:

  • Assist them with claiming a tax rebate
  • Be a law enforcement official asking them to assist with preventing a crime
  • Be a Utility Company: e.g. Telephone/Mobile phone provider, Broadband provider, Software company offering to “fix” PC or broadband problems.
  • That you have unauthorised transactions on your Card or Account
  • To process a refund or cancel a subscription

   

  The callers may ask you to download an Application to give them access to your PC. They will also attempt to trick you into divulging your banking or card credentials and provide codes from your Card Reader in order to access your online banking and make fraudulent payments.

  • NEVER disclose codes from your AIB Card Reader over the phone.
  • NEVER disclose the full five digits of your Personal Access Code (PAC).

   

  If you have received such a call and disclosed any of your Banking details please contact us immediately
• Phone Scam Warning - Cards
  AIB have been notified of a Phone Scam currently targeting our customers. Reports received to the Bank indicate that:

  • Fraudulent calls have been targeting customers trying to persuade them that their AIB Credit / Debit Card have been compromised
  • These scams will usually request a transfer of funds or disclosure of card/account details
  • Other variants of the fraudulent calls involve the customer’s account being over credited and that the customer must transfer money back to a third party account
  • Some fraudulent callers are also advising that the customers branch will not be aware of this call as it is being handled by a third party.

  AIB would ask that customers be aware of such calls, as they are not genuine.

   

  The scam is referred to as ‘Vishing’, which is a combination of ‘voice’ and ‘phishing’.

   

  If you suspect that a call may be fraudulent, hang up and call the AIB Card Services Team on : 01 6685500.
  

   

  To assist in identifying such calls please be aware that:

  • AIB will never call you to ask for a refund of credit in this manner,
  • AIB will not request for a transfer to any third party accounts,
  • AIB will not request the One Time Passcodes to process refunds / credits, and
  • You should never disclose the One Time Passcode that AIB sends via SMS to a third party.

   

  If you suspect a call may be fraudulent, hang up and call the phone number on the back of your card, or call your local branch for verification.
• Fraudulent Emails
  Fraudulent Emails are a common technique used by fraudsters in an attempt to obtain personal and security information for the purpose of identity theft or financial gain. The fraudsters use email messages that appear to come from financial Institutions or a legitimate businesses in an attempt to fool you in to visiting a fake website and supplying your personal banking or card details.

   

  Financial Institutions are frequently targeted by these types of fraud, which are also referred to as ‘phishing’.

   

  AIB may on occasion, send you product related or marketing surveys via email. It is important to note that these mails will never ask you for Internet Banking log in details or personal information.

   

  Fraudulent emails that are currently in circulation include:

  • Customer Record Updates: these mails advise that you will be required to provide AIB with proof of identity and address; otherwise you will be unable to access your accounts from a specified timeframe
  • SCA Activation: these emails ask you to click on a website in order to activate Strong Customer Authentication to prevent your account from being locked
  • Secure Message: you will be asked to click on a message to view it.

   

  The emails also include a false link to log into your online banking.

  THESE EMAILS ARE NOT FROM AIB.

  Examples of some other fake messages in the fraudulent emails are:

  • “We inform you that your SCA is not set up yet. In order to use your Online Banking Service, you will have 24 hours to set up your SCA.”
  • “Your Internet Banking account has expired. Renew your account information NOW. Please download and complete the attached form.”
  • “Your AIB Online Banking Access is suspended.”
  • “Please be informed that we send emails asking you to verify your account maximum three tome a year.”
• Email Scams
  This type of fraud is on the increase and it's important that you take the necessary steps to protect your money. Criminals are sending emails in an attempt to trick you in to transferring money to them.

   

  These types of scams are referred to as ‘Phishing’.

   

  Emails can claim to be from your Supplier, Contractor, and Solicitor etc. advising of their bank account details or that they have changed their bank account details. These emails will request that all current and future payments should be made to a new account, which actually belongs to the criminal.

   

  You should not accept any financial instructions via email. You should always VERIFY ACCOUNT NUMBERS on a known contact number. Do not reply to the email or use a contact number contained in the email.

   

  If you make and authorise a payment to one of these fraudulent accounts, it is highly unlikely that AIB will be able to get your money back for you.

   

  For more information on how to stay safe, visit our Security Centre and www.fraudsmart.ie.
• Purchase Scams – Buying online
  When shopping online, you need to be aware that some of these companies are not legitimate. Fraudsters can spoof/clone a genuine website. They advertise using images of genuine products but at a cheaper price. The goods are never actually available for sale. These cloned sites often have contact details via email only. Phone lines won’t be answered but will be followed up with a call from a private number. These fraudsters will tell you they can only accept a payment via bank transfer or card transactions.

   

  Examples of products that fraudsters are ‘selling’ include machinery, motor homes and boats.

   

  Ensure you buy goods and equipment from reputable retailers and sellers.

   

  Before making a payment ensure you have researched the validity of the company.

   

  Ask yourself ‘How do I know this person/company is genuine?’.  If the price or description of the product sounds too good to be true, it probably is.
• Buyer Beware - Loan Scams
  AIB have been made aware of a “Payday Loan” scam currently targeting our customers. Reports received indicate the following key details:

  • Payday Loan application is made online (Fast Online Credit, Bluestone Finance, Deccan Loans)
  • Customers are requested to input IBAN for loan application approval
  • Upon loan approval, customers will be requested to make an advanced payment - this may be for PPI or to build credit rating
  • Loan repayments will be requested to be paid through alternative payment channels, for instance: Western Union, Coinbase, TransferWise, Game Stop vouchers, iTunes Vouchers.

   

  Not all of these elements will appear in every attempted loan application, as details vary, but the overall theme remains constant.

   

  If suspicion arises:

  • DO NOT make any further payments
  • DO NOT withdraw or transfer any funds received into your account from an unknown third party
  • Cease contact with the fraudulent loan company immediately.

   

  If you believe you have been a victim of the scam, please contact us immediately.
• Malware (Trojans and Viruses)
  Malware is short for ‘malicious software’. The effects of malware can vary widely depending on what it is designed to do.  Some cause little or no damage, while others can be very dangerous and deliberately target customers who bank online.

   

  Banking specific malware can gather personal or security information entered on the infected PC/laptop/phone. Such malware can gain access to the device when the user is tricked into opening or running an infected attachment they have received from a seemingly legitimate mail, through an infected file they have downloaded or even by visiting an infected website.

   

  How you can identify Malware threats or fraudulent attempts to obtain personal details while banking online?
  

  The signs to look for include:

  • Pop-up windows on Internet Banking asking you to key details into your Internet Banking Card Reader, and
  • Requests on Internet Banking to confirm your identity with your credit/debit card details (see the sample screen shot below)
  • For more information on staying safe online go to: https://www.getsafeonline.org/nca/
• Advanced Fee (419) Fraud
  Advance fee fraud or ’The 419 (four-one-nine) fraud’ as it's also known, is a method by which a fraudster attempts to trick you into supplying 'up-front' money to secure your involvement in their specified transaction. There are many variations of this type of fraud.

   

  How does Advanced-Fee (419) Fraud work?

  • You would first receive an unsolicited communication (e.g. fax, email, letter or website) concerning an individual, business or government entity wanting to get money out of the country
  • These communications (e.g. websites, letters, emails or faxes) often look very similar to those of a reputable institution
  • The fraudster then contacts you directly offering to transfer money into your bank account in exchange for a small fee
  • If you respond to the initial offer, you may receive ‘official looking’ documents to complete.
  • Typically, you are then asked to provide a blank letterhead and your bank account details, in addition to money to cover the transaction, transfer costs and attorney's fees
  • The fraudster will then quickly move your money to an offshore account and then move on to their next victim.

   

  How to recognise Advanced-Fee (419) Fraud letters

  • They generally include requests for ‘up-front’ money to secure your involvement in their transaction. Hence the name: ‘advanced fee fraud’
    
  • They are generally marked ‘urgent’ or ‘confidential’
  • They often promise millions of dollars for your help, once the transaction is completed
  • They always have a scheme or a reason for contacting you, examples include:
    •  An inheritance that is tied-up
    •  Diamonds in boxes that they need to get out of the country
    • Millions of dollars in boxes that they need to get out of the country
    • Money ‘frozen’ by government
    • Excess oil or other merchandise
  • Most 419-fraudsters present themselves as individuals such as doctors, lawyers, sons of ex-generals and other important persons, to trick you into thinking they are respectable and trustworthy individuals
  • They are always seeking a foreign ’partner’ to help them
  • They will ask for personal information about you, such as:
    • Personal or Business letterhead
    • Banking information
    • Personal telephone number.

   

  What should you do if you suspect a 419 scam?
  

  Delete the email, destroy the letter or fax. Although they may look like it is addressed specifically to you, they will have been sent to many people.
• What is SIM Swap Fraud?
  The objective of these fraudulent SIM swaps is mainly to intercept messages sent by SMS for banking transactions over the Internet.

   

  Fraudulent SIM swap is a mobile device specific fraud where the fraudster approaches your mobile service provider pretending to be you and requests that the existing mobile number be assigned to a new or ’replacement’ SIM card. Once the SIM swap request has been processed, the fraudster is able to access the new SIM card and may divert calls and receive your SMS notifications. With texts and calls now routed to the ‘new’ SIM card, the fraudster is able to access any unique codes sent by the bank to access people’s bank account. This scam will be used in conjunction with other Common Frauds and Threats such as a Phishing or Vishing attack’s as described above.

   

  To safeguard against SIM swap fraud, we suggest that you follow these simple steps to help stay secure:

  • Never disclose any sensitive or personal information such as log in details, bank details, passwords or passcodes to any source
  • Never ignore an SMS message alerting you to a pending SIM swap request on your account or if you suddenly cannot make or receive calls or messages. Contact your mobile provider immediately and enquire whether a SIM swap has been processed on your number
  • Protect your mobile device via password (use strong passwords that would not be easy to guess) or biometric security (fingerprint). Where possible, set the screen auto-lock timer to activate after just a few minutes of inactivity
  • Disable automatic connections. Some devices automatically allow connections to available Wi-Fi networks, and Bluetooth devices may connect and transmit data without your knowledge
  • Consider using your manufacturer’s applications which allow you to find and track your device if lost. These applications also give you the option of locking or wiping your phone remotely if required
  • Do not open emails from unknown sources – even if these appear legitimate or authentic and seem to come from your banking institution
  • Never follow a link provided to you in an email to access the Internet Banking site for your banking institution. Instead physically type the address into the browser address bar.

   

  If you suspect that you have been a victim of SIM swap fraud, contact your mobile provider immediately.
• Text Alerts for AIB Credit and Debit Cards
  AIB will text you if we see suspicious activity on your Credit or Debit card.

   

  We will identify ourselves straight away as ‘AIB’ and will not ask you for any personal information, account numbers or PIN numbers. You will be asked to confirm whether or not you made a transaction with a ‘1’ or ‘9’ reply. If you are not happy to answer the text, contact us on the number on the back of your card.
  

   

  For more information, click here
• Adware and Pop-Up Windows
  Pop-up windows are the small windows or adverts that can appear suddenly over or under a browser window. Pop-up windows can be used to obtain personal information from an unsuspecting user. Fraudsters can also use fake ads to fool you into visiting a fake website and supplying your personal details.
  

   

  Please note: Pop-up windows can be legitimately used by some websites/offerings, such as ’Verified by Visa’
• Romance scams

  Be Aware of Romance Scams.

  Victims of the scam believe they have met their perfect match online, but the other person is in fact a scammer using a fake profile to build the relationship. They slowly gain the victim’s trust with a view to eventually asking them for money.

  Watch out for the signs of a Romance Fraudster:

  • They will try to move communications away from the Dating app.
  • Ask a lot of personal questions but avoid answering questions about themselves. The details they do share may seem made up and far from reality.
  • Ask for financial help. They may tell you they are having money problems, a medical emergency or money to travel to meet you. Never hand over your hard earned money.

  To stay secure from such scammers you should:

  • Always use a trusted dating website.
  • Do not share personal information.
  • NEVER share financial information or send money to support them.
  • Trust your instincts.

  If you make payments that turn out to be frauduelent, it is highly unlikely AIB will be able to retrieve your money.