PHISHING
A scam where fraudsters impersonate trusted entities (banks, merchants, government institutions) via electronic communication to persuade the victim to disclose personal information.
Phishing operations:
- The fraudster sends an email that appears to be from a financial institution, asking the victim to update their information.
- The victim clicks on a link in the message that leads to a fake website, very similar to the official site.
- On the fake site, the victim enters their username and password.
- The fraudster collects the data and uses it to access the victim’s account.
- Funds are transferred to a third-party account, from which the fraudster withdraws them.
Phishing does not only target electronic payment data – fraudsters may seek information about payment cards, PINs, ID cards, passports, and other confidential data by imitating trusted institutions.
Preventive measures against phishing:
- Never reveal your password.
- Do not click on unknown links from email messages – be suspicious.
- Compare the address in the email with the real address of the institution.
- Do not open unknown attachments if you are suspicious of the content or the sender.
- Do not leave personal data like passwords, card numbers, or PINs.
- Remember: financial institutions never ask for this information via email!
IDENTITY THEFT
A fraudster falsely impersonates you to withdraw money, open accounts, apply for loans, or even commit serious crimes like extortion or human trafficking.
How fraudsters access data:
- Purchasing data from hackers.
- Shoulder surfing – watching as you enter your PIN.
- Eavesdropping on phone calls.
- Spamming – sending fake offers via email.
- Dumpster diving – finding discarded documents or equipment.
- Phishing – false messages in the name of trusted institutions.
- Hacking – stealing data from computers or databases.
How to protect yourself:
- Do not share personal information with unknown companies or individuals.
- Use strong passwords and always log out securely.
- Ensure no one can see your PIN at the ATM.
- Report the loss of a card to the bank and block it immediately.
- Report missing documents to the police.
Credit card abuse:
Credit card abuse involves theft or fraud using the physical card or related data, such as the card number, CVC/CVV code, and expiry date. These details are used for unauthorized transactions, most often online.
Signs of card abuse:
- The card is stolen or lost.
- You receive an SMS for a transaction you did not make.
- You notice unauthorised charges on your account.
- You suspect someone has learned your PIN or card details.
- Abuses often occur shortly after a card is lost – immediately notify your bank.
Recommendations:
Card and PIN:
- Do not keep your PIN and card together.
- Shield the keypad while entering your PIN.
- Use biometrics (fingerprint or facial scan) for your mobile wallet.
Online payments:
- Pay only on sites with https:// or a padlock symbol.
- Use specific cards for online payments and keep only the necessary funds in the account.
- Secure sites require two-factor authentication (one-time code via SMS or app).
Minimize risk:
- Link your card to your phone and make payments using your mobile device.
- Use contactless options at ATMs and in stores. Keep your card with you at all times.
TIPS REGARDING SCAM MESSAGES AND FAKE OFFERS
- Data often requested in scams:
- Username, password, phone number, activation code from SMS.
- Card number, expiration date, CVV.
- Requests to send a photo of the card or personal documents – this is a definite sign of a scam.
- Dangers of suspicious messages:
- Opening attachments or links can infect your device with viruses and enable data theft.
- Fake messages from “financial institutions”:
- Genuine institutions use only their official email domains.