Internet Banking Security Centre
Common Frauds and Threats
Our Online Banking services are a safe and convenient way to manage your finances, but you need to take care to guard against Internet and other types of fraudsters. It is important that you are aware of potential fraud attempts that originate from the Internet and other methods.
Click on the headings below to find information on the most common frauds and threats:
Vishing (Telephone or Voice Fraud)
Vishing is when an individual calls you claiming to be from the Bank, or a company providing a service and request financial and/or personal and security information.
The term is a combination of ‘voice’ and phishing. It is typically used to steal credit card numbers or other information used in identity theft schemes from individuals.
The phone number displayed on your handset may appear to be a genuine Bank phone number but these can be mimicked by criminals.
If you suspect any fraudulent activity from any call you receive, you should ask the caller to confirm their authenticity and if still in doubt of the caller’s authenticity, end the call .
If you believe that your bank details have been compromised, call the number on the back of your credit or debit card or alternatively call the official number for the branch on the AIB website.
Some of the scams currently in circulation are where customers have received fraudulent calls claiming to:
Assist them with claiming a tax rebate
Be a law enforcement official asking them to assist with preventing a crime
Be a Utility Company: e.g. Telephone/Mobile phone provider, Broadband provider, Software company offering to “fix” PC or broadband problems.
The callers will attempt to trick you into divulging your banking or card credentials and provide codes from your Card Reader in order to access your online banking and make fraudulent payments.
NEVER disclose codes from your AIB Card Reader over the phone.
NEVER disclose the full five digits of your Personal Access Code (PAC).
If you have received such a call and disclosed any of your Banking details please contact us immediately
Malware (Trojans and Viruses)
Malware is short for ‘malicious software’. The effects of malware can vary widely depending on what it is designed to do. Some cause little or no damage, while others can be very dangerous and deliberately target customers who bank online.
Banking specific malware can gather personal or security information entered on the infected PC/laptop/phone. Such malware can gain access to the device when the user is tricked into opening or running an infected attachment they have received from a seemingly legitimate mail, through an infected file they have downloaded or even by visiting an infected website.
How you can identify Malware threats or fraudulent attempts to obtain personal details while banking online?
The signs to look for include:
Pop-up windows on Internet Banking asking you to key details into your Internet Banking Card Reader, and
Requests on Internet Banking to confirm your identity with your credit/debit card details (see the sample screen shot below)
For more information on staying safe online go to: https://www.getsafeonline.org/nca/
Phishing is a common technique used by fraudsters in an attempt to obtain personal and security information for the purpose of identity theft or financial gain. The fraudsters use email messages that appear to come from legitimate businesses in an attempt to fool you into visiting a fake website and supplying your personal details. Financial institutions are frequently targeted by these types of attacks.
AIB may on occasion, send you product related or marketing surveys via email. It is important to note that these mails will never ask you for Internet Banking login details or personal information.
Fraudulent emails that are currently in circulation include:
Customer Record Updates: these mails advise that you will be required to provide AIB with proof of identity and address; otherwise you will be unable to access your accounts from a specified timeframe, or
Secure Message: you will be asked to click on a message to view it.
The emails also include a false link to log into your online banking.
THESE EMAILS ARE NOT FROM AIB.
Examples of some other fake messages in the fraudulent emails are:
“Your Internet Banking account has expired. Renew your account information NOW. Please download and complete the attached form.”
“Your AIB Online Banking Access is suspended.”
“Please be informed that we send emails asking you to verify your account maximum three tome a year.”
“Note that your AIB CodeCard is about to expire. In order for it to remain active, Use the button below to Activate your CardCode and get Unlimited Access on your Internet Banking.”
Phone Scam Warning - Cards
AIB have been notified of a Phone Scam currently targeting our customers. Reports received to the Bank indicate that:
Fraudulent calls have been targeting customers trying to persuade them that their AIB Credit / Debit Card have been compromised
These scams will usually request a transfer of funds or disclosure of card/account details
Other variants of the fraudulent calls involve the customer’s account being over credited and that the customer must transfer money back to a third party account
Some fraudulent callers are also advising that the customers branch will not be aware of this call as it is being handled by a third party.
AIB would ask that customers be aware of such calls, as they are not genuine.
If you suspect that a call may be fraudulent, hang up and call the AIB Card Services Team on 01 6685500.
To assist in identifying such calls please be aware that:
AIB will never call you to ask for a refund of credit in this manner, and
AIB will not request for a transfer to any third party accounts.
If you suspect a call may be fraudulent, hang up and call the phone number on the back of your card, or call your local branch for verification.
Phone Scam Warning - Devices
Fraudsters are calling customers trying to persuade them that their computer/laptops are operating slowly. The criminals are attempting to get customers to agree to pay a nominal charge to fix the problems and they then trick them to make a payment for a much higher value.
Have you received a call asking any of the following questions?
Is your PC operating very slowly?
Will you pay a fee to get it fixed?
Do you want them to logon remotely to your PC to fix it?
This is a Fraud Scam do not log on to Internet Banking to make any payments to them.
These phone calls are NOT from genuine companies – they are a fraudulent attempt to obtain your banking details.
What should you do if you receive one of these calls?
DO NOT disclose any details
END the call
Call AIB immediately if you have given any of your banking details to the caller.
Advanced Fee (419) Fraud
Advance fee fraud or ’The 419 (four-one-nine) fraud’ as it's also known, is a method by which a fraudster attempts to trick you into supplying 'up-front' money to secure your involvement in their specified transaction. There are many variations of this type of fraud.
How does Advanced-Fee (419) Fraud work?
You would first receive an unsolicited communication (e.g. fax, email, letter or website) concerning an individual, business or government entity wanting to get money out of the country
These communications (e.g. websites, letters, emails or faxes) often look very similar to those of a reputable institution
The fraudster then contacts you directly offering to transfer money into your bank account in exchange for a small fee
If you respond to the initial offer, you may receive ‘official looking’ documents to complete.
Typically, you are then asked to provide a blank letterhead and your bank account details, in addition to money to cover the transaction, transfer costs and attorney's fees
The fraudster will then quickly move your money to an offshore account and then move on to their next victim.
How to recognise Advanced-Fee (419) Fraud letters
They generally include requests for ‘up-front’ money to secure your involvement in their transaction. Hence the name: ‘advanced fee fraud’
They are generally marked ‘urgent’ or ‘confidential’
They often promise millions of dollars for your help, once the transaction is completed
They always have a scheme or a reason for contacting you, examples include:
- An inheritance that is tied-up
- Diamonds in boxes that they need to get out of the country
- Millions of dollars in boxes that they need to get out of the country
- Money ‘frozen’ by government
- Excess oil or other merchandise
Most 419-fraudsters present themselves as individuals such as doctors, lawyers, sons of ex-generals and other important persons, to trick you into thinking they are respectable and trustworthy individuals
They are always seeking a foreign ’partner’ to help them
They will ask for personal information about you, such as:
- Personal or Business letterhead
- Banking information
- Personal telephone number.
What should you do if you suspect a 419 scam?
Delete the email, destroy the letter or fax. Although they may look like it is addressed specifically to you, they will have been sent to many people.
SIM Swap Fraud
What is SIM Swap Fraud?
The objective of these fraudulent SIM swaps is mainly to intercept messages sent by SMS for banking transactions over the Internet.
Fraudulent SIM swap is a mobile device specific fraud where the fraudster approaches your mobile service provider pretending to be you and requests that the existing mobile number be assigned to a new or ’replacement’ SIM card. Once the SIM swap request has been processed, the fraudster is able to access the new SIM card and may divert calls and receive your SMS notifications. With texts and calls now routed to the ‘new’ SIM card, the fraudster is able to access any unique codes sent by the bank to access people’s bank account. This scam will be used in conjunction with other Common Frauds and Threats such as a Phishing or Vishing attack’s as described above.
To safeguard against SIM swap fraud, we suggest that you follow these simple steps to help stay secure:
Never disclose any sensitive or personal information such as login details, bank details, passwords or passcodes to any source
Never ignore an SMS message alerting you to a pending SIM swap request on your account or if you suddenly cannot make or receive calls or messages. Contact your mobile provider immediately and enquire whether a SIM swap has been processed on your number
Protect your mobile device via password (use strong passwords that would not be easy to guess) or biometric security (fingerprint). Where possible, set the screen auto-lock timer to activate after just a few minutes of inactivity
Disable automatic connections. Some devices automatically allow connections to available Wi-Fi networks, and Bluetooth devices may connect and transmit data without your knowledge
Consider using your manufacturer’s applications which allow you to find and track your device if lost. These applications also give you the option of locking or wiping your phone remotely if required
Do not open emails from unknown sources – even if these appear legitimate or authentic and seem to come from your banking institution
Never follow a link provided to you in an email to access the Internet Banking site for your banking institution. Instead physically type the address into the browser address bar.
If you suspect that you have been a victim of SIM swap fraud, contact your mobile provider immediately.
SMS (Text Message Fraud)
Text Message Fraud (SMiShing) is a common technique used by fraudsters in an attempt to obtain personal and security information for the purpose of identity theft or financial gain. The fraudsters send text messages that appear to come from legitimate numbers in an attempt to fool you into supplying your personal details.
AIB may on occasion, send you product related or marketing surveys via SMS. It is important to note that these text messages will never ask you for Internet Banking login details or personal information.
Text Alerts for AIB Credit and Debit Cards
From September 2015, AIB will text you if we see suspicious activity on your Credit or Debit card.
The text will come from +353873700700. This is a number for texting only and it won’t answer if you ring it. We will identify ourselves straight away as ‘AIB’ and will not ask you for any personal information, account numbers or PIN numbers. You will be asked to confirm whether or not you made a transaction with a ‘Y’ or ‘N’ reply. If you are not happy to answer the text, contact us on the number on the back of your card.
For more information, click here
Adware and Pop-Up Windows
Pop-up windows are the small windows or adverts that can appear suddenly over or under a browser window. Pop-up windows can be used to obtain personal information from an unsuspecting user. Fraudsters can also use fake ads to fool you into visiting a fake website and supplying your personal details.
Please note: Pop-up windows can be legitimately used by some websites/offerings, such as ’Verified by Visa’ and ’MasterCard SecureCode’.