Phishing scam hits Slovak bank

HUNDREDS of clients of Slovenská Sporiteľňa, the country's largest bank, received what looked to be an official email in late March that announced their accounts had been blocked and would stay so unless certain personal data was submitted.

Phishing for answers: bank customers are being warned about scams.Phishing for answers: bank customers are being warned about scams. (Source: ČTK)

HUNDREDS of clients of Slovenská Sporiteľňa, the country's largest bank, received what looked to be an official email in late March that announced their accounts had been blocked and would stay so unless certain personal data was submitted.

In fact, the email was what's known as a phishing scam, designed to trick internet users into handing over their financial information.

The website the data would have been submitted to had no connection whatsoever to Slovenská Sporiteľňa.

Slovak internet users are used to receiving unsolicited emails that pretend to be from trusted websites, but this is presumably the first time a fake email has assumed the identity of a Slovak bank.

Clients received the first emails, written in English, on March 24.

"As part of our security measures, we regularly screen activity in the system," read the scam mail. "During a recent screening, we noticed an issue regarding your account. For your protection, we have limited access to your account until additional security measures can be completed."

Then the email requested that the clients update and verify their information by checking the secure link attached in the email, which was signed as being from "the Slovenská Sporiteľňa, a.s Account Review Department."

The next day, on March 25, the emails started arriving in Slovak.

Slovenská Sporiteľňa immediately began warning clients not to reply to them. So far, no cases of abuse among the targeted accounts has been reported, Štefan Frimmer, spokesman for Slovenská Sporiteľňa, told the media on March 25.

Nevertheless, the bank will file charges against the unknown offender.

Slovak IT security firm ESET detected the Slovak version of the phishing scam when it updated its database of samples, ESET told the SITA newswire.

Slovak users are generally skeptical of emails requesting personal data, but awareness of phishing is probably still low because they don't have a lot of experience with such scams, especially ones written in Slovak, according to Ivan Kopáčik of the IT Association of Slovakia.

"Slovak is not a widely-spread language and the number of internet users in Slovakia is low compared to the western world," he told The Slovak Spectator.

But Kopáčik pointed out that internet banking services are usually used by clients who have a certain level of awareness about the risks.

Nevertheless, attempts to scam Slovak clients of large international firms, such as banks, will likely become more frequent, he said.

Such emails take different forms, including an announcement that the client's account has been blocked, a customer satisfaction survey, or a statement the data will be used for the client's protection, Kopáčik said. The email usually includes an internet address that gives the impression its from a trustworthy website of an official institution.

Kopáčik said that similar attacks have occurred in Slovakia in the past, but that the companies involved are not eager to publicise them. Slovenská Sporiteľňa has been the target of two such attacks, while Tatra Banka was targeted once, he said.

A phishing email can be identified by its contents, Kopáčik continued. Large, credible financial institutions never ask clients to provide sensitive data of any kind via email, he said.

Martin Baranovič of Eset told the Sme daily that scammers often acquire the data with the intention of trading it, not abusing it.

"The trade of such information is a big business," Baranovič said.

(With files from Marta Ďurianová)

Get daily Slovak news directly to your inbox

Top stories

News digest: Penta partner Haščák reportedly charged with corruption after a police raid

Anti-communist fighters will receive pensions. Sunk tugboat being drawn out of the water.

Jaroslav Haščák

Car industry needs to jump on the latest trends

Economy minister promises extensive support for hydrogen technologies in Slovakia.

The Hydrogen Technology Research Centre (CVVT) is to be launched at the end of 2020 or beginning of 2021 in Košice to do R&D in this field.

Responsibility goes hand in hand with EU advantages, says President Čaputová

President Zuzana Čaputová spoke with Vice President of the European Commission for Values and Transparency, Věra Jourová.

President Zuzana Čaputová

Half of all parents lack time to help their children with distance learning

Some have a hard time motivating their children, others do not understand the curriculum.