22 November 2023

Fraud Awareness Week 2023

Our annual campaign aims to provide you with helpful guides and support on how you can protect and manage your own personal security details, including your Current Account Debit Card, online passwords, and PIN details.

Below you will find some instances of fraud, both online and via your phone, that might help you be more aware and help you stay protected against the fraudsters.

Fake Websites

Criminals can use fake advertising and websites to lure you into providing your debit card information. Once you have either, entered your debit card details to authenticate a purchase or provided a One Time Passcode (OTP) to complete the payment, the fraudster / fake website now has stolen your card details and can spend your hard-earned money.

Here are some tips for recognising when a website isn’t all that it may seem and how you can keep your debit card details safe online.

Spotting Fake online retailers

✔️ Look for a ‘padlock’ symbol in the address bar or browser.

This normally indicates the site is encrypted so your activity can’t be intercepted.

This should be combined with other checks as fraudsters can copy or buy these padlocks, so it isn’t a guarantee the website is safe.

Look closely at websites before you use your Debit Card

✔️ Are there any grammar or typo errors?

✔️ Have they a registered business address?

✔️ Have they a good returns policy?

✔️ Are there positive Google reviews or other online forums?

If anything looks unusual, DO NOT make a purchase from them!

Review the social media & contact information:

✔️ Are there genuine followings and legitimate posts?

✔️ Do they provide a physical phone number and email address?

Try a quick call to test the customer service to see if the company exists by speaking with a representative, if possible, send an email, automated response or bounce back? Be aware, if you receive an automated response or bounce back be on alert this may be a fraudulent website?

KEY ADVICE: IFAW1: ENSURE you use trusted websites when shopping or transacting online. If the price is too good to be true, trust your instincts, it’s likely to be a scam!

____________________________________________

Fake SMS or WhatsApp messaging – often referred to as the ‘Dear Mum/Dad Scam.’

This scam involves fraudsters posing as family members to manipulate victims into transferring money.

Parents are targeted by criminals pretending to be one of their children, saying they are texting from a new number as their phone has been lost or damaged.
They typically begin the conversation with “Hello Mum” or “Hello Dad” and then ask for their parents to transfer money urgently as they need to buy a new phone or pay a bill.
Typically, the conversation on WhatsApp, or via text message, is started by an automated bot, and then forwarded to a human who can communicate with the victim if they engage.
Some conversations can go on over a number of days because they believe that, if they can really dupe those people, it might be worth it!!

Impersonating family members is a new tactic by criminals to undermine people’s mental safeguards against being defrauded.

These scammers believe if you can add the psychological element into a scam, they work far better than the previously used phishing emails which were issued in bulk to numerous people at the one time
When you are called Mum or Dad, that is what many people would have in their phonebook. Preying on the heartstrings by saying they have lost their phone – it fits in with the usual conversation that goes on between parents
Please be aware It is easy for criminals to obtain a database of names, phone numbers and dates of birth through the dark web and social media channels.

WhatsApp is designed to protect people from unwanted contact, which is why, whenever you get a message from someone who isn’t in your contacts, it should ask if you want to block or report them.

KEY ADVICE: IFAW2: DON’T respond to messages or urgent payment requests from unknown numbers claiming to be a family member. If in doubt speak directly with the family member to validate the request before taking any further action.

____________________________________________

Fake Messages pretending to be from your Credit Union

This is a scam where fraudsters send text messages to random mobile phones - the text messages claim to come from a reputable organisation such as your Credit Union, Bank, or a service provider e.g., a mobile phone company.

A criminal can disguise an email address, display name, phone number, text message, or website URL to convince a target that they are interacting with a known, trusted source.

Criminals use a technique called ‘spoofing’ to make it look like you are being contacted by a trusted organisation e.g., your Credit Union. These scam calls or texts can often appear in genuine message threads making them difficult to spot.

The message will typically ask you to click on a link to a website or to call a phone number to “verify”, “update” or to “reactivate” your account. The website link leads to a bogus website and the phone number leads to a fraudster pretending to be the legitimate company. The criminal attempts to get you to disclose personal, financial or security information, which will then be used to access your accounts and steal your money.
These messages often attempt to alarm you, claiming that urgent action is needed, or it will have negative consequences.

KEY ADVICE: IFAW3: Your Credit Union will NEVER send you an SMS with a link requesting you to disclose personal details or share PINs/Passwords for your debit card or online banking. Please delete these messages straight away and review your Current Account & Debit Card transactions.

____________________________________________

Fake SMS/Text message/Email Links

Smishing is the attempt by fraudsters to trick you into handing over personal information such as your Credit Union details, usernames, or passwords by clicking on a link they have sent you via SMS or WhatsApp or email.

The Fraudulent communication pretends to be from a trustworthy source such as your Credit Union and the information they gain can then be used to access your Current Account or Debit Cards or Online Banking account.

The criminal typically sends thousands of generic SMS messages to people whose phone numbers have been obtained from an unknown source, in the hope of getting a ‘hit’.
These SMS Messages tend to have generic greetings such as “Dear Customer” or “Account Holder”.
In some cases, a tactic called “spear phishing” is used. In these cases, the fraudster has some details about you (frequently sourced through social media) and may use your name or some other specific detail about you in the email.

KEY ADVICE: IFAW4: DON’T EVER respond to messages or urgent payment requests claiming to be from legitimate services like Your Credit Union, An Post, EFlow, DHL & Amazon. If in doubt, speak directly to the service provider to validate the request before taking any further action.

____________________________________________

Never Share Codes - BE AWARE AND DON’T SHARE!!

Criminals can use fake advertising and websites to lure you into providing your Debit Card information with a tactic known as Smishing.

Typically, the fraudster will send an SMS with a ‘fake link’ for you to update some form of your personal and/or security details including their debit card details.

These messages often tend to have a sense of urgency, advising you will be locked out or will have negative consequences if you don’t act fast!

Shortly after, you might receive a call from the fraudster confirming payment or some other request.
While on this call, fraudster is setting up Apple Pay / Google Pay using the Debit Card details provided on previous link.
An OTP (One Time Passcode) is sent to your mobile number (to complete the set up) while on phone or short time before phone call.
The OTP is then shared with the fraudster who can now set up Apple Pay or Google Pay on a different device with YOUR debit card.

Once you have either, provided a One Time Passcode (OTP) to complete the payment, or entered your debit card details to authenticate a purchase, the fraudster / fake website now has stolen your debit card details and can spend your hard-earned money.

KEY ADVICE: IFAW5: NEVER EVER share SMS One Time Passcodes with ANYONE no matter how insistent they might be. ALWAYS review the content of the SMS to ensure it relates to your EXACT purchase.

____________________________________________

Money Muling

Money Muling is a type of Money Laundering where a ‘money mule’ transfers or moves illegally acquired money on behalf of someone else.

Criminals recruit money mules to help launder proceeds derived from online scams and frauds or crimes like human trafficking and drug trafficking. The Money Mule will typically:

Receive money from a third party into their bank account.
Be instructed to transfer it to another account / person or takes it out in cash.
Give it to someone else, obtaining a commission for facilitating the transaction.

Money mules are typically recruited though social media in what appears to be a friendly approach by the criminal offering ‘easy’ money in return for something which appears as simple as opening a new current account on behalf of the criminal or using their own current account to lodge or transfer money.

While money Muling might initially appear to be an easy fix for those who are struggling financially or want to make some extra money, everybody , especially young people need to be aware that money Muling is effectively money laundering and therefore a criminal offence.

The consequences of becoming involved in Money Muling are very serious!

Anyone who is recruited as a money mule can be threatened with violence or physically attacked if they do not continue to allow their account to be used by the criminals to transfer money.
As well as having a criminal record, money mules who are caught face having their current account closed and will have difficulty opening another account and accessing loans or other credit facilities in the future.

KEY ADVICE: IFAW6: NEVER EVER agree to open a Current Account in your own name for the purpose of receiving incoming payments on behalf of someone else. IGNORE requests to earn ‘Easy Money’ and AVOID anyone who wants you to use your ‘own account’ for transactions.

____________________________________________

If you believe you have been a victim of unauthorised transactions on your Current Account or Debit Card, or of any of the above frauds, report it immediately by contacting Credit Union Card Services on +353(1)6933333.

For more information, please visit https://currentaccount.ie/support/card-safety-guidelines/

Back to News