Spectator on facebook

Spectator on facebook

THE INTERNET IS NOT A PLACE TO NEGLECT BASIC PRINCIPLES OF SECURITY

Phishing attacks target bank accounts

personal data. In the wake of a court decision that forced one bank to compensate a client harmed in such an attack, the issue is drawing increased attention.

VÚBBank had to compensate a phishing attack victim more than €3,000.(Source: SME)

personal data. In the wake of a court decision that forced one bank to compensate a client harmed in such an attack, the issue is drawing increased attention.

In most cases phishing takes the form of a fake email masquerading as an official communication from a client’s bank. In this email the fraudster politely asks for verification of the client’s personal data. Phishing can occur via mobile applications or malware installed on a client’s personal computer, which can alter or damage the user’s data or send it to other people, according to warnings issued by Slovenská Sporiteľňa (SLSP).

“Recently, VÚB faced another wave of phishing attempts,” VÚB Bank spokesperson Alena Walterová told the Trend weekly. “Fortunately, our clients are sufficiently information literate to distinguish fake emails.”

Several clients contacted the VÚB call centre after receiving emails asking for online banking details in the name of VÚB in late October, Walterová said. The emails contained a link to a fraudulent VÚB inquiry where clients were directed to fill in their personal data, including their name, account number, date of birth, account name and password.

Criminals also need notification via SMS or GRID card numbers, a security tool containing an authentication code generated by means of an electronic personal key. Therefore, the fake email also asked clients for their phone number and email address.

It is impossible to determine the exact number of attacks since criminals send numerous fake emails to bank clients and banks are only alerted if clients report them, Walterová said, adding that such attacks are increasing in frequency.

SLSP also noticed an increasing number of attacks; moreover, some of them were not focused on the bank's clients but the bank itself, Štefan Frimmer, a spokesperson for SLSP, told The Slovak Spectator.

The police cannot confirm that phishing attacks are on the rise since they do not keep such statistics, said police spokesperson Michal Slivka to The Slovak Spectator. Internet-based banks such as Zuno and mBank say they have not noticed any fraud attempts this year.

Be responsible

Fraudsters usually lure authorisation data from clients’ cards and data to gain access to their internet banking. They send fabricated payment orders which need to be paid, Frimmer said.

People should not respond to these e-mails, Mária Kecsoová, a spokesperson for Zuno bank, told The Slovak Spectator. Do not send personal data related to bank accounts, she emphasized.

“The Internet is a place where people should not neglect the basic principles of safety, especially when handling their own money,” mBank spokesperson Matej Kubinec told The Slovak Spectator. “The basic principle is to care about the security of computers, meaning the use of legal and regularly updated software together with updated anti-virus software.”

Who is responsible?

In one high profile fraud case involving VÚB Bank in 2010, a bank client unwittingly gave his internet banking security codes to fraudsters who used a computer virus that redirected the clinet to a fake version of the bank’s website. The bank refused to return the money to its client, arguing his computer was not secured sufficiently and that the bank’s internet banking site contains a warning about working securely with the service, the TASR newswire reported.

A court later ordered the bank to return the missing money, including interest, based on the law on payment services and the regional court in Trenčín upheld the ruling. VÚB was ordered to compensate the client, who had lost €3,000 in the phishing attack. VÚB paid the sum.

“An ordinary client with common knowledge about working with a computer may not have enough expertise to distinguish whether or not he or she is working with a fictitious internet banking webpage created by a virus, or to know in detail the working procedures of the bank,” Judge Emília Zimová wrote in the regional court’s ruling, Trend reported on October 31.

“We, however, don’t agree with the ruling and the argumentation for the decision and we consider it wrong,” Walterová of VÚB said.

The bank maintains that the client behaved negligently with his internet banking authorisation data and does not believe that the client fulfilled his legal duty to perform all that was necessary to secure protection of personalised security data, TASR reported.

Walterová said the court’s ruling contradicts reality because the client did not secure the configuration of his computer, which the bank believes would have prevented the infiltration of the malicious code, adding that it is not the bank’s obligation to ensure that clients have properly secured their computers and that they do not give their personalised authorisation data to unkown persons.

Topic: Finances and Advisory


Top stories

Unknown places worth visiting in Slovakia Photo

The year 2016 brought record numbers for tourism in Slovakia.

Špania Dolina, the runner-up in the Village of the Year competition.

This is not a game, and these are not children

If politicians care about the future of the country, they need to offer young protesters with specific demands more than the just same old vague assurances.

Nu Dance festival changes date and the finale coincides with International Dance Day

The festival of contemporary dance has not just moved in time but also from the stage to the streets, encouraging public participation.

Renan Martins: Let Me Die in My Footsteps

(W)Rapping up two worlds in one music

The Fjúžn festival annually presents interesting musical projects from people who cross borders, literally or symbolically. This year, the headliner of the main festival concert on April 22 will be the French-Iraqi…

The Iraqi-French band Aiwa