Security and antifraud

OTP Bank Romania recognizes the importance of banking security and, in order to ensure trust in its professional services, offers some examples and tips to help you identify and prevent fraudulent situations.

E-commerce fraud

It occurs when a criminal (fraudster) uses an online merchant to perform transactions by fraudulent means, such as a lost/stolen card or compromised card security details, in order to pay for the desired goods. In such cases the real cardholders' accounts are debited with the value of the goods or services bought by the fraudsters using the security details of the compromised payment instruments.

The crime of deceiving people into sharing sensitive information like passwords or personal information, or into accessing specific websites. The most common method is an e-mail received out of the blue that appears to be from your bank and demands that you enter, complete or check your personal data concerning your accounts. You are asked to click a link to a website that looks extremely similar to your bank's own website, whose main purpose is to obtain confidential data such as name, home address, town, card number, security code, phone number, etc.

Therefore, we advise OTP Bank Romania's clients not to open suspicious e-mails and not to access links in which you are asked for your personal information.

If you receive a message that matches the description above, here are some useful tips:

  • DO NOT answer these messages;
  • DO NOT access the link;
  • DO NOT provide personal information regarding your debit/credit cards (PIN code, CVV2/CVC, represented by the last 3 digits on the back of the card);
  • Forward the message as soon as possible to the e-mail address of OTP Bank Romania SA: banking.security@otpbank.ro.

If you have been the victim of such a fraud, please contact us immediately so that we can take the necessary actions to protect you.

Useful information:

  • OTP Bank Romania will never ask you to provide confidential information via an e-mail or by accessing a link from the contents of an email;
  • Pay close attention to generic messages - fraudulent messages are often impersonal and contain grammatical errors;
  • If you identify such websites in connection with OTP Bank Romania, please contact the bank as soon as possible.

Scam / Phishing attacks take the form of different campaigns (bids / contests), generally promoted through social media platforms.

The main purpose of these types of messages is to promote false promotional offers which the victims then pay for, with the result that:

  • The products are never delivered;
  • The security data of the payment instrument used (credit or debit card) is retained and then used to initiate transactions not authorized by the holder.

In case of "Special Offers - Scam / Phishing" fraud attempts:

  • Check before you buy → check website reviews;
  • Pay using secure payment services → if a card or bank transfer is required, check the supplier / trader before performing the requested operation;
  • Use a secure device when you pay; keep your system and antivirus up to date;
  • Pay attention to advertisements such as "miraculous offers", "best offer", "Top business opportunity" → if it is too good to be true, the offer is probably NOT real and is an attempt at fraud;
  • A pop-up window tells you that you have won a fabulous prize? Most certainly it is a fraud;
  • Fill in the transaction dispute form for the operation performed in such circumstances and notify the competent entities.

When someone tries to trick you into giving them your private information, such as personal data or authentication data, via a text or SMS message.

In most cases, the messages read like: "Congratulations! You won the "X" prize. To get the prize, please send us your personal data / card details (card number, expiration date, CVV)".

Useful information:

  • DO NOT respond to such requests;
  • DO NOT send personal card data or authentication data to other people or phone numbers;
  • If you receive this kind of message, immediately notify the mobile operator and the Police regarding the telephone number from which you received the SMS!
  • Do not access links or attachments received via SMS from persons you don't know.

A malicious program or code that is harmful to systems and succeeds in installing itself on your computer in order to access valuable information from your PC or smartphone, such as passwords, financial data and other personal information. There are multiple ways your PC can be affected, such as accessing a harmful link from an e-mail or text message, or installing an application from an untrusted source or from different posts on social networks.

Useful information:

  • Always check the authenticity of the website before logging in: look for "https" and a padlock before or after the website name, and watch for color differences or minor mistakes in the name of the website. Another security element of the web page is the green color of the writing or the address bar (in the case of the Internet Explorer browser), which means that the security certificate used by that website is valid;
  • Install a licensed antivirus and make sure to keep it up to date;
  • Scan your computer regularly with your security software;
  • Do not use unsecured public Wi-Fi connections;
  • If you are unsure about the security of a website, close it immediately;
  • Use an updated antivirus that also has an anti-phishing filter.

Email spoofing is a tactic used in phishing and spam campaigns whose main goal is to get recipients to open, and possibly even respond to, a solicitation regarding personal details, or to send malware to the recipients' PCs.

Useful information:

  • If you receive messages that seem to come from your account or if you get a response to a message you did not send, you are most likely the victim of a spoofing attack.
  • DO NOT open such e-mails; delete them as soon as you notice them.

Identity theft: a form of appropriation of personal data belonging to a person through a variety of methods, the data being subsequently used to control the person's resources or to obtain undeserved benefits on behalf of that person.

Useful information:

  • Check that the website is secure before entering your personal data;
  • Use up-to-date software and security services;
  • Be careful about disclosing your personal data on the internet and regularly check your privacy settings;
  • Create complex passwords and change them periodically;
  • Do not set the same passwords for multiple accounts.

The most common methods are:

1) The fraudster reaches out to the seller through the e-commerce platform, pretending to be a potential buyer, and asks to move the conversation from the online platform to another communication channel. The fraudster informs the victim that he has paid for the product and sends him a false link to collect the sum for the sold product. When accessing the link, the vendor is required to enter his personal bank card security data (including the static password and dynamic 3D Secure). Once in possession of this information, the fraudster no longer responds to the conversation and starts initiating fraudulent transactions using the previously provided security data.

! A clue to a possible fraud is the way in which the alleged buyer expresses himself: strange expressions, grammatical mistakes, repeated words in the same sentence.

2) The fraudster registers with false data on the e-commerce platform as a seller. He posts fictitious product ads at very advantageous prices. The victim decides to purchase that product and receives a link leading to a phishing webpage. When accessing the link, the buyer provides all the required security data (including the static password and dynamic 3D Secure) on the fictitious site. Subsequently, the victim notices other unsolicited transactions, registered with online retailers located outside the country: payments made using the security data previously provided to the attacker.

How to deal with such situations:

  • Do not provide the bank security data to a third party, regardless of the situation;
  • Contact us and tell us about the possible fraud as soon as possible;
  • We will take the necessary steps to reduce the risk of other unauthorized transactions being registered: blocking and reissuing the bank card with other security data;
  • Provide us with as many details as possible about the situation, including the accessed link;
  • File a complaint with the criminal investigation authorities.

A way of defrauding customers who use Internet Banking, through various online platforms. Fraudsters present themselves as "financial consultants" in investment areas and ask people to install/use applications that give them total remote control of the user's device (mobile phone, laptop or tablet).

Through the installed application, the fraudsters have access to the data and applications on the client's phone, tablet or laptop, including the mobile Internet Banking application, and transfer amounts of money without the consent of the account holder.
 
How to proceed in such situations?

  • Do not follow such requests to install unauthorized applications;
  • Do not access links on social media platforms that promise large earnings in a short period of time;
  • Contact us as soon as possible and inform us of the possible fraud;
  • Give the bank as many details as possible about the incident.

Fraud based on social engineering

Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation in order to trick users so that they reveal confidential information or take certain actions.

In one of the latest scams exploiting the coronavirus context, criminals have developed a new method that aims to obtain undeserved benefits from the COVID-19 pandemic.

Similar to the "Car Accident Scam", fraudsters call victims pretending to be officials of hospitals or organizations, claim that a relative of the victim has fallen sick with the COVID-19 virus, and request payments for medical treatment and equipment.

Also under the pretext of the current pandemic crisis, scammers impersonate genuine charities and collect donations for COVID-19 medical and protective equipment.

Act safe, stay safe:

  • Call your family member on a phone number that you know to be genuine;
  • DO NOT provide personal data over the phone, regardless of the position or title claimed by the caller;
  • DO NOT transfer money to unknown persons, regardless of the reason and the situation invoked by them;
  • DO NOT share or provide your card details, passwords or PIN codes;
  • Notify the police immediately if you suspect you were a target or victim of a scam.

Manipulation of people by phone. The caller attempts to extract the information needed to compromise a person or an organization, by obtaining personal data or carrying out fund / asset transfer operations. Most of the time, the malicious persons claim to be from a legitimate company, usually the bank or mobile operator.

There are situations where Vishing attackers claim to be brokers in the stock market. They call in an attempt to trick people into buying stocks from different companies. However, in reality these financial instruments do not exist.

Useful information:

  • If you receive phone calls asking you to provide personal data, to transfer the balance from your account to another account because it has been compromised, or any other similar request, end the call and contact OTP Bank Romania, preferably using a phone other than the one on which you were called;
  • It is recommended that you set all calls from unknown numbers to go to the voice mailbox;
  • Do not act in a hurry or transfer money to people requesting you to do so;
  • End the call and separately verify the identity of the person by contacting the institution from which the person claims to be calling.

CEO fraud involves the impersonation of a senior company executive in order to divert payments for goods and services into a fraudulent bank account. Fraudsters will typically target a company’s finance department, either via email or over the phone.

In most cases, the attacker interposes himself in e-mail correspondence and instructs a company's staff to urgently make payments to partner accounts other than those known and used up to that point.

Useful information:

  • Continually verify whether the data of partners and vendors have changed: name, address, e-mail address, account;
  • Cross-check: confirm through another channel (phone, other e-mail address) any instructions for making payments to another bank code;
  • Never open suspicious links or attachments received by e-mail. Pay close attention when checking personal e-mails on company computers. The fraudulent addresses are similar to the usual ones from which requests are frequently received;
  • If the payment instructions (bank or a new account) have changed, additional checks (by phone, additional e-mail address) need to be performed to verify the authenticity of the transfer and whether the new data are correct;
  • Do not make transfers or process operations based only on an e-mail or an urgent telephone request;
  • Take down the information given by the person presenting himself as the CEO and call the CEO or the manager directly on the known phone number;
  • Forward the e-mail to the manager (CEO), not with a simple reply to the original e-mail, but by taking the e-mail address from previous correspondence.

Money mules are people who serve as intermediaries for criminals and criminal organizations and, in return for a commission, transfer specific amounts, illegally obtained, to other people and other accounts, with the intention of hiding the trail to the real beneficiary. The most targeted persons are the unemployed, students and people in financial difficulties.

How does it work?

  • Targeted persons (potential money mules) are usually contacted by email or social networks by “representatives” of an organization / company;
  • Individuals are offered a job. Of course, the job offer is not real;
  • According to the job description, people have to go to the bank to open accounts in their own name, and then have to transfer money received from the representatives of the fictitious organization;
  • The money mule receives in exchange a commission from the transferred amounts.

Useful information:

  • Avoid working with people who ask you to perform banking operations on their behalf;
  • DO NOT open a bank account in your name for unknown people;
  • DO NOT respond to messages or calls that promise you a sum of money in exchange for making transactions on behalf of others.

Attention! Money mule activity is considered a crime, such as money laundering or organized crime, and is punishable according to the law in force.

It is the scam in which people of good faith are called, usually from hidden numbers, by ill-intentioned persons who present themselves as lawyers, doctors or police officers. They are told that a family member has suffered or has caused an accident and that money is urgently needed to "solve the problem", usually sent through fast money transfer services or handed to an intermediary.

Useful information:

  • End the call immediately
  • Urgently contact the family member who was involved in the supposed accident
  • Check the information in independent sources
  • DO NOT transfer any money
  • Call the police

It is a method of selling various products, such as cars or equipment, at unrefined prices, in which those who are interested are encouraged to transfer a sum of money through money transfer services (Western Union or MoneyGram) as a guarantee or advance. Subsequently, they are asked to send the supporting document to the seller by e-mail or WhatsApp, and he / she uses the respective data / transaction reference to withdraw the money. In the end, the good-faith buyer is deceived and never comes into possession of the asset.

Fraud with payment instruments

Refers to any type of false or illegal transaction completed by a cybercriminal. The perpetrator deprives the victim of funds, personal property, interest or sensitive information via the Internet.

It is the method by which, with the help of handcrafted electronic devices attached to ATMs or to merchants' POS terminals, the data on the magnetic stripe of the debit / credit card is illegally copied. These data are then stored on cloned / counterfeit cards and used to make transactions.

Useful information:

  • Examine the appearance of ATMs, especially removable parts such as the keypad, the cash release slot and the card reader;
  • Do not give anyone the PIN, card number or CVV code on the back of the card, and do not write them down in your phone, in diaries or on the card;
  • When making payments to merchants, try not to lose sight of the card;
  • Check your transaction history regularly and if you notice anything suspicious, contact the bank immediately using the phone number on your card;
  • Cover the ATM keypad with your hand when you enter your PIN;
  • If the ATM where you are about to carry out the operation raises suspicions for any reason, it is best to abandon the transaction and use another ATM.

Invoice fraud occurs when a company's employees are contacted by a person who claims to be from a legitimate supplier of goods/services and requests modification of the payment details.

Useful information:

  • Have a well-defined procedure regarding verification and execution of payments; 
  • If you receive a request to modify payment data, or an invoice with different payment details and bank accounts, verify it with a trusted contact at the supplier with whom you regularly communicate, preferably using another communication channel;
  • Check whether the contact data are authentic by comparing them with those from previous correspondence;
  • Before making a payment that exceeds a certain threshold, confirm the details with a trusted person from the supplier.
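
One way a finance team could encode the checks from the CEO fraud and invoice fraud tips above (changed bank account, sender address similar to the usual one, payment above a threshold, confirmation through another channel). This is an added example, not OTP Bank Romania's code; the vendor record, threshold value and all names are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed vendor master data (assumption): details already verified with each supplier.
VENDOR_MASTER = {
    "ACME-001": {"iban": "RO49AAAA1B31007593840000", "domain": "acme-supplies.example"},
}
REVIEW_THRESHOLD = 10_000  # assumed company policy, in the payment currency


@dataclass
class PaymentRequest:
    vendor_id: str
    iban: str
    amount: float
    sender_email: str
    confirmed_out_of_band: bool = False  # call-back made on a number already on file


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot near-miss sender domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def review_payment(req: PaymentRequest) -> tuple[str, list[str]]:
    """Return ("RELEASE" | "HOLD", reasons) for one payment request."""
    vendor = VENDOR_MASTER.get(req.vendor_id)
    if vendor is None:
        return "HOLD", ["vendor not in master data"]
    reasons = []
    if req.iban.replace(" ", "").upper() != vendor["iban"]:
        reasons.append("bank account differs from the one on file")
    domain = req.sender_email.rsplit("@", 1)[-1].lower()
    if domain != vendor["domain"]:
        near = edit_distance(domain, vendor["domain"]) <= 2
        reasons.append("lookalike sender domain" if near else "sender domain not on file")
    if req.amount >= REVIEW_THRESHOLD:
        reasons.append("amount at or above review threshold")
    # Any flag holds the payment until someone confirms through a separate channel.
    if reasons and not req.confirmed_out_of_band:
        return "HOLD", reasons
    return "RELEASE", reasons


if __name__ == "__main__":
    # Constructed request: changed account, sender domain one character off.
    req = PaymentRequest("ACME-001", "RO00TEST0000000000000000", 2_500,
                         "billing@acme-suppl1es.example")
    print(review_payment(req))
```
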

You can report any suspected or attempted fraud in connection with OTP Bank Romania at the e-mail address banking.security@otpbank.ro.