E-mail, Website and Phishing Fraud
- Do not provide your password to anyone, not even us. We use your user name to correct any problem there may be with the system.
- Protect your computer with antivirus applications and firewalls and keep them updated. The security of some systems may be compromised without the knowledge of their owner if they are not adequately protected.
- Be sure to enter our web address correctly. Verify its validity by inspecting the content of our digital certificate. It is possible that other sites with bad intentions may use a similar name to make users believe that they are at the correct site and thus try to steal information as well as the client's user name and password.
E-mail Fraud (Phishing)
Phishing is normally a fraud involving an e-mail and a website similar to a legitimate website. The e-mail includes links to the fraudulent site. The perpetrators try to convince users to share their personal data on the website. Normally the websites are nearly identical to the real site. Once they obtain your confidential information, the perpetrators use it to transfer money (your money or money stolen from someone else), to open accounts or make purchases using your name.
The e-mails may use several different tactics, including:
- An invoice or shipping confirmation related to a product that you did not order
- An urgent request to update personal data
- A request to activate your account
- A request to validate your identity
- An offer of government benefits
- A promise to connect you to former colleagues
How they obtain your e-mail address
Perpetrators obtain addresses from other websites, buy lists, or sometimes they just guess. In general they do not know if the addressees are clients of the bank. They hope that some of the addressees are clients of the bank.
Other variants of phishing
- Pop-up windows: The perpetrators use windows or small ads to obtain your private information. In order to protect yourself, avoid installing programs from unknown sources and keep your firewall and antivirus applications up to date.
- Telephone: Perpetrators try to obtain your personal information by calling you on the telephone. They may even have some of your information, using it to gain your confidence and thus obtain the data they need. If you are uncomfortable continuing a call that you did not initiate, hang up and contact your usual account manager.
- Text messages: They try to obtain your personal information by sending a text message to your cellphone. They normally ask you for some personal information or ask you to call a telephone number or visit a website.
Perpetrators seek out their victims using various means, including postal mail, e-mail, telephone calls, and Internet forums. Once they contact their victim the perpetrators are very convincing. If you become involved in any of the following situations contact your usual account manager:
- Jobs: You accept a job that consists of you being paid a commission for moving money through your account or for which you are asked to open an account. The perpetrators advertise accounting jobs or home-based work in periodicals and on well-regarded websites.
- Lotteries or drawings: You are notified that you have won but that you have to pay a small percentage to cover taxes or other expenses.
- Internet dating: You are asked by someone you know on a website for money for any reason, including to travel to see you or for an urgent operation.
- Overpayment: You receive a check paying for something you sold but for more than the sale price. The perpetrator asks you to return the difference.
- Third party payment: You receive a payment for something you sold but the payment comes from someone you don't know.
- Telephone calls: Unless you initiate a call do not give any personal information over the telephone. If you doubt the identity of a representative of the Bank hang up and call your usual account manager.