Important information regarding cookies
iBusiness Banking (iBB) Security Centre
Common Frauds and Threats
Our Online Banking services are a safe and convenient way to manage your finances, but you need to take care to guard against Internet fraudsters. It is important that you are aware of potential fraud attempts that originate from the Internet. Remember your personal information and key banking details, are the prime targets of internet fraudsters and you should protect them as you would your valuable possessions, so think before you click.
Click on the headings below to find information on the most common frauds and threats:
Email Scam Warning
The Bank has been made aware by customers of different types of email fraud attempts. Criminals are sending emails:
- Claiming to be from a Supplier to their Irish Customers. The email advises that the Supplier has changed their bank account number and that all future payments should be made to the new account, which actually belongs to the criminal. We have recently seen some attempts where the criminal has used Brexit as the reason a new account is needed, and
- Which spoof the From: field, so the email appears to be from a Manager / Director / Senior Staff Member within the company. The email is requesting the receiver to ‘complete a bank transfer to an overseas account’ and appears to be sent from the email Manager's account.
- A subsequent mail is then sent from the ‘Manager’ with the receiving account details, which belong to the criminal.
If you receive such an email, we would recommend that you take the following steps:
- Contact the Supplier / Manager/ Director etc using the existing agreed number to verify the request
- Check the email address – it may be different to the genuine one
- Do Not use the email ‘reply’ function, from within the received email
- Never open attachments to an email unless you are satisfied the emails are genuine
- Please look for any wording/grammar/tone that would be unusual for your company; e.g. request to complete/sort a “financial obligation” or a “wire transfer”.
- Check the time stamp on any emails, as this can sometimes indicate an email coming from somewhere it shouldn’t.
- Ensure that all your iBB Users are aware of this threat and that they should report any suspicious activity immediately.
Malware (Trojans and Viruses)
The effects of malware can vary widely depending on what it is designed to do. Some cause little or no damage, while others can be very dangerous and deliberately target customers who bank online.
Banking specific malware can gather personal or security information entered on the infected PC / laptop / phone. Such malware can gain access to the device when the user is tricked into opening or running an infected attachment they have received from a seemingly legitimate email, through an infected file they have downloaded or by visiting an infected website.
You may have seen reports in the press regarding current threats from sophisticated malware. Although these threats are serious, you can do simple things to protect yourself. Be suspicious about any emails you are not expecting, even from trusted sources. Do not click on links contained in emails. Make sure that you set your PC to update the Operating System and your Malware protection automatically.
How do you know that you are under attack?
- Fake iBB screens or pop-up windows asking you to key details into your iBB Digipass.
- Your PC slows down while using iBB - particularly at logon
- Suspicious phone calls are received purporting to be from AIB regarding iBB; asking you to create codes on your Digipass, perform test payments and/or authorise payments.
- AIB will never ask you to do this!
REMEMBER: Always check that the Beneficiary details for payments you are authorising are legitimate or really do belong to the person you want to pay.
Example of a fake iBB screen
While the screen below may look authentic, this is an example of a fraudsterattempting to get security information from you to make a payment.
Click here to view more examples of fraudulent iBB screens.
This is a type of malware that prevents or limits users from accessing their system, either by locking the system’s screen or by locking the users file, unless a ransom is paid.
If your computer has been locked by ransomware, you should seek professional advice from a trustworthy source.
The “No More Ransom” website is an initiative by the National Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and two cyber security companies – Kaspersky Lab and Intel Security – with the goal to help victims of ransomware retrieve their encrypted data without having to page the criminals – https://www.nomoreransom.org/
Vishing (Telephone or Voice Fraud)
Vishing is when an individual calls you claiming to be from the Bank, or a company providing a service and request financial and/or personal and security information.
If you request their authenticity, they give you a genuine telephone number to call, but they do not end the original call. This means when you dial the genuine number, you are still connected to the same individual or their colleague. Hang up and if possible, call from another telephone.
The term is a combination of ‘voice’ and phishing. It is typically used to steal credit card numbers or other information used in identity theft schemes from individuals.
AIB is aware of a long standing scam where fraudsters ring people and attempt to defraud them by saying there are problems with their PC.
The fraudsters may claim to be from:
- Windows Helpdesk
- Windows Service Centre
- Microsoft Tech Support
- Microsoft Support
- Windows Technical Department Support Group
- Microsoft Research and Development Team(Microsoft R&D Team)
- PC Doctor
- Any of the broadband service provider companies
When you answer the phone, the caller may advise you that they have noticed from their records that you might need to have your computer updated. They usually include a threat, such as telling you your whole system is about to collapse or that all of your passwords and security keys are going to be made known in the public domain unless you perform the required upgrade, etc.
It is important to note, the caller may be using this opportunity to install virus software on your computer to obtain your personal details. They may ask for your bank account details; supposedly to give you a refund for software that you purchased some time ago and have not used.
You may be lulled into a false sense of security by the caller. In some cases, they are able to provide you with personal information such as your credit card number or home address, etc.
The call can result, on occasion, with customers giving all their credit or debit card details or agreeing to make payments online via money transfer agents, for the service provided. At this stage, the fraudster obtains the relevant card details through either the virus installed, or indeed if you provide your card details. The fraudster will be able to complete further transactions on your card without your knowledge.
These calls are fake!
These phone calls are NOT from genuine software companies - they are a fraudulent attempt to obtain your banking details.
What should you do if you receive one of these telephone calls?
o DO NOT disclose any details and END the call.
Call AIB immediately if you have given any of your banking details to the caller.
Adware and Pop-up Windows
Pop-up windows are the small windows or adverts that can appear suddenly over or under a browser window. Pop-up windows can be used to obtain personal information from an unsuspecting user. Fraudsters can also use fake ads to fool you into visiting a fake website and supplying personal details.
Please note: pop-up windows can be legitimately used by some websites/offerings such as ’Verified by Visa’ and ’MasterCard SecureCode’.
Phishing is a common technique used by fraudsters in an attempt to obtain personal and security information for the purpose of identity theft or financial gain. The fraudsters use email messages that appear to come from legitimate businesses in an attempt to fool you into supplying your personal details. Financial institutions are frequently targeted by these types of attacks.
AIB may on occasion send you product related or marketing surveys via email. It is important to note that these mails will not ask you for personal or banking information.
SMS (Text Message Fraud)
Text Message Fraud (SMiShing) is a common technique used by fraudsters in an attempt to obtain personal and security information for the purpose of identity theft or financial gain. The fraudsters send text messages that appear to come from legitimate numbers in an attempt to fool you into supplying your personal details.
AIB may on occasion, send you product related or marketing surveys via SMS. It is important to note that these text messages will not ask you for Internet Banking login details or personal information.
Would you like more information? Check out these websites: