Bank of Ireland warn customers of new ‘smishing’ scams
Bank of Ireland is warning customers around a new wave of fraudulent text messages in circulation, where fraudsters are using customers’ card details to set up Apple/Google Pay.
The Bank has experienced a spike in ‘smishing’, where fraudsters send fake text messages appearing to be from delivery services including An Post or Government agencies including the HSE and Revenue.
Customers who click the links in the text messages are then directed to fake websites where they are asked for their card or online banking login details. The fraudster uses these details to set up Apple/Google Pay on the customer’s card or to set up the customer’s online banking on a new device. If the customer gives away the genuine One Time Passcode sent by Bank of Ireland to confirm the set-up, the fraudster can then access the customer’s account.
During the last month, the number of ‘smishing’ cases detected by Bank of Ireland’s Fraud Prevention team has increased by 50% since the introduction of this tactic.
Edel McDermott, Head of Fraud at Bank of Ireland said: “Fraudsters tend to use a range of tactics that have been the subject of regular warnings for some time. When a new variation on a familiar theme crops up, this is a cause for real concern, and we are warning customers to be extra vigilant.”
“Text messages appearing to be from third parties like delivery companies or Government agencies should be treated with caution and verified accordingly. Following fraudulent links in these texts is leading to customers disclosing card details, and then having Apple or Google Pay set up on their card, generating a genuine One-Time Passcode from their bank. When this Passcode is then disclosed, this allows fraudsters full access to the customers’ account. Customers should never share this Passcode with anyone, even if they say they are from Bank of Ireland.”