22 February 2019
Do you know how to recognise internet fraud?
Ever received an e-mail with a strange-sounding request? E.g. to transfer money in order to reactivate your account? Or to pay an online purchase from a private individual in advance?
In such cases, you can probably rely on your common sense. But sometimes, the techniques employed by would-be cybercriminals is so subtle that you can barely notice the difference between a reliable and a fraudulent e-mail! Even detecting a fake website can be challenging. Because hackers are often so well prepared that they replicate everything down to an officially registered address.
Which is why we want to help you recognise the signs of attempted fraud!
Received an e-mail or call from your bank? Proceed with caution…
It could be a case of phishing! Phishing is the most common form of internet fraud today and is the name given to a variety of scams devised by hackers to:
- trick you into providing confidential information such as your password, PIN, debit card number or ID card number.
- transfer money from your account on the basis of this “stolen” information.
There are 3 kinds of phishing. This is how to recognise them.ING will never ask you to provide confidential details it already has on file (including your e-mail, post address, account number), or codes generated by your ING Card Reader. Neither by e-mail. Nor by telephone.
Regular, or dynamic phishing
Hackers typically assume the logo and identity of your bank in order to create fraudulent e-mails. Step 1 should therefore always be to check whether the sender has used a fake e-mail address.
The body of the e-mail invariably contains a request to confirm your banking details under false pretenses. E.g. by asking you to “simply” click on a link, redirecting you to a fake internet site which probably resembles the login page of your e-banking service. You may be asked to fill in multiple fields or to carry out certain transactions. This is how hackers use phishing to trick you into sending your confidential details without even knowing it.
You may also be the recipient of a fraudulent telephone call, commonly known as Vishing. Your interlocutor may introduce him or herself as an ING employee. Under the pretexts of updating your details, they may ask you to generate codes using your bank card and card reader. In reality, hackers attempt to use these codes to transfer money from your account.
Phishing via debit card orders
Recent phishing scams involve e-mails that ask you to log in to your e-banking service in order to renew your debit card. Simply by clicking on the link in the e-mail. In effect, however you will be taken to a fake Home’Bank that will ask you to enter your personal details (such as ING ID, Card ID, etc.), your Home’Bank password and the PIN of your current debit card. Armed with all these details, hackers will attempt to access your real Home’Bank and request a new debit card.
- They will then either try and intercept the delivery of your card, e.g. by breaking into your letterbox.
- Or they will ask you to send your old card by post to a fake address – their own – under the pretext of a so-called card recycling programme.
The hackers will then be in possession of an active debit card and a valid PIN (since your PIN will remain the same in both cases).
We walk you through the process of how dynamic phishing works
What do I need to bear in mind?
- Always log in to Home'Bank or Business'Bank via www.ing.be (and never by clicking on a link sent by e-mail).
- Check that you are on a secure payment platform by checking that the address in your browser begins with https.
- Never disclose confidential information by e-mail or over the phone.
- Never communicate your PIN or a combination of numbers generated by your card reader.
- Never send your debit or credit card by post and always cut both the card and the chip in half before throwing it away.
- Never enter the PIN of your debit or credit card directly into a website (and only ever on your ING Card Reader).
- If, when shopping online, you are asked to complete payment via an “intermediate step” such as a “confirmation mail”… beware! Payments are never made by e-mail!
Don’t be a victim of fraud! Watch the video on phishing