DNSC has issued a new very important alert for Romanians all over the country, and this is because it brings into discussion fraud attempts involving the YOU banking service of those from BRD, it being used to deceive people.
"Usually, in the last months of the year, an increase in online transactions can be noticed. The main reason is this very 'celebration of promotions', which starts with #BlackFriday and continues with the winter holidays.
Cybercriminals also increase their fraud attempts during this time, usually looking to steal financial or bank card details. One of the methods used is the sending of fake SMS or e-mails in the name of the bank.
Such a campaign is currently aimed at BRD Groupe Societe Generale customers. A warning in this regard has already been sent on the company's social channels, from which we learn that the attackers are trying to induce potential victims to visit fraudulent sites, where they collect personal data (name, CNP, phone number), card data (card number, expiration date, CVV/CVC) but also validation/authorization codes (OTP codes – 6-digit passwords received via SMS from BRD).
The text of the received message presents a scenario in which the user is informed that, for various reasons (see photo), it is necessary to go through a process of verifying the data corresponding to the account. At that point, the potential victim is redirected to a site that looks similar to the bank's, but the domain is NOT an official one (.page), as can be seen from the images below.
In addition to collecting a series of data that can be sold on to other criminals, the attackers are trying to gain access and withdraw funds from BRD customers' accounts by unauthorized activation of the YOU BRD internet and mobile banking service.
Always check the source of the message, and when in doubt, validate the transmission of the information with the sender (in this case, the bank) before taking any action.
Avoid accessing links or attachments from unknown sources or suspicious messages! Also pay attention to the correctness of the text in Romanian. Any grammatical or expression mistakes may be an indication that the text has been automatically translated from another language.
Pay attention to the exact address of the sites on which you are going to provide data, but also to its security elements (the site must have a security certificate – https). Enter the bank's website address manually in your internet browser when you want to access your internet banking account.
Carefully review any transaction in your account before validating it. Once you are tricked into providing your card details and also accept the illicit transaction from your account, there is little the bank can do to recover the lost money!”
This post was last modified on Nov. 24, 2021, 10:50 PM 22:50 PM