A new form of fraud is spreading, where fraudsters can gain control of your entire BankID via fake links.
In recent weeks and months, Nordea Bank Norway has received many inquiries from customers who have experienced the new form of fraud. It is also more extensive and intrusive than fraudulent methods the bank has seen before.
– It started in April with fake text messages being sent to Vipps. The text messages were sent from someone who pretended to be Vipps. Then the form of fraud was changed in June to BankID. Then the scammers go wider, because everyone has a BankID.
– The customer receives a message on the phone stating either that your BankID has been blocked or that you have been subjected to a fraud attempt, says fraud expert Ida Marie Edholm in Nordea.
Read also: Scammed Norwegians for millions
Fake website
The scammers then send an SMS informing them that BankID must be updated with a link to a fake website, which looks like a real page. Here, the customer must enter personal codes to update BankID.
The scammers ask for the telephone number and which bank you use, so they can be ready at the online bank you provide. The SMSs are sent from a Norwegian telephone number from randomly selected persons.
– What we have seen lately is that the scammers also ask for card information. You enter your card number, birth number and eventually the one-time code for BankID, says Edholm.
Blocked
She concretizes a fraud attempt. A woman in her 40s received an SMS late in the evening stating that her BankID had been blocked due to attempted fraud. To protect the account, the woman had to click on a link in the SMS. When she did, she moved on to several login pages with the BankID logo on.
– There she was asked to provide telephone number, which bank she has, card information, social security number and one-time code. After filling in the last page with a one-time code, she did not get further and had to enter the code several times.
– What did it give the scammers the opportunity to?
– They used her card number for Bitcoin purchases, transferred around NOK 70,000 to an account in another bank and changed the contact information in both online banking and mobile banking. They also opened an account in the customer’s name in another bank, the fraud expert answers.
Downloaded the codes
The latter was possible, because the information and codes that the scammers received made them enter the customer’s online bank and download Nordea codes. The customer’s online bank was then downloaded to the scammer’s mobile phone.
– As soon as we became aware of this, we took the necessary measures and blocked the products to prevent further abuse and loss. In this case, the money that went to the purchase of cryptocurrency was lost, about 10,000 kroner. But we managed to stop and return the transfer to the other bank.
Edholm says that no serious players would ask customers to enter via links. This generally applies if you receive an email or SMS and are asked to click on a link and then move on to pages that ask you to provide sensitive information.
Then you can almost always count on it being a scam. Nordea asks its customers to go directly to the online bank if something needs to be updated.
Transferred 40,000
Nordea has seen many examples where fraudsters have received enough information to download the customer’s mobile bank. Thus, they can transfer money, create new customer relationships in other banks, etc.
– A customer experienced that the fraudsters established customer relationships in another bank and transferred NOK 40,000 from her savings account in the old bank and over to the new one.
– What else can the scammers get control of?
– When they have entered the online bank, we have seen that they misuse the card, that they buy things in different places. This form of fraud is different from other scams we have seen, where they only misuse the card.
– Here we are concerned that they use the BankID to create customer relationships in other banks, so that it becomes an ID theft.
Read also: Expert raises alarm about new fraud trend: – Impossible to secure against it
Money laundering
If the fraudsters manage to establish a customer relationship with another bank, Nordea and the banks are afraid that the account could also be used for money laundering. The fraud can thus be part of another type of crime.
And so the scammers are changing methods and behaviors. For a period, Nordea saw that there was a predominance of messages in the evening or late at night. Serious players would never have sent messages at those times. Now the messages are more evenly distributed throughout the day.
– We also had some emails this week that were sent out in the name of the Tax Administration, which were fake emails, so this is changing.
– In Nordea, it started with fraud attempts against slightly older women, but now it applies to customers of all ages. We have had a sharp increase over the summer, with a doubling of the number of customers who have been defrauded. And this is not something that only affects Nordea customers, these SMSs are sent arbitrarily to other banks’ customers, says Edholm.
Read also: Now is the high season for home fraud: Expert comes with strong warning
Barring
– Those who are affected by such a scam, what should they do?
– The most important thing is to contact the bank as soon as they discover this, so we can block the services that have been misused. We will immediately look at which products apply.
– But customers who are affected, are they entitled to compensation?
– If a transfer is not detected early, you may risk that the money is gone and lost. That is why it is so important to contact us as soon as you suspect that you have been scammed.
– You can apply for a card complaint if the card has been misused, but this will be an assessment in some cases, Edholm answers.
–
