PPA, RIA warn against phishing letters spread on behalf of banks

Examples of the fake websites used by scammers.
Examples of the fake websites used by scammers. Source: PPA.

Phishing e-mails sent on behalf of banks are once again spreading to try to gain access to people's bank accounts and steal money from them. The Police and Border Guard Board (PPA) and the Information System Authority (RIA) are asking people to carefully check the e-mail or website address of the sender of a sensitive e-mail.

RIA's security incident management department CERT-EE on Thursday evening received a report about a phishing e-mail spread via e-mail on behalf of a bank that notified the recipient of the receipt of a new bank payment, spokespeople for the Police and Border Guard Board said. To verify the bank's right of ownership and for security reasons, people were asked to log in to their bank account using Smart-ID or Mobile-ID.

Oskar Gross, head of the Central Criminal Police's cyber crimes department, said that the references in the letter lead to a fake website which looks similar to the bank's real website.

"While the person is logging in to the bank on the fake page, the scammer performs the same actions in the real internet bank, using the login details entered by the victim. The scammer then tries to transfer the money in the account to an account under their control," Gross said.

Gross emphasized that extreme caution must be exercised when receiving such an e-mail.

"By checking the e-mail address or website address of the sender of the letter, it can be determined that it is not a letter from the bank. Always check the sender of the message before clicking anything or logging in, and suspicious links and attachments should not be opened. In the event of unusual bank notifications, you should not click on the links in the email, but enter the bank in the usual way," Gross said, adding that the grammar of the e-mail should also be paid attention to.

Examples of the fake websites used by scammers. Source: PPA.

Head of CERT-EE Tõnu Tammer said that the department has received reports of six incidents, but fortunately, no one is known to have been harmed yet.

"The subject lines of such phishing letters use a number of luring techniques to make people curious as to whether someone has actually sent them back payments or if they have received an unexpected bank transfer. We have seen similar phishing campaigns before and we hope that, as a result of constant information work, we will be able to minimize the number of victims. Our goal is that people always check who sent the e-mails when opening them and which web address the link in the e-mail refers to. This would make the life of cyber criminals much more complicated," Tammer added.

Similar phishing e-mails have been sent in Estonia before, but the exact origin of the e-mails circulated on Thursday evening will be determined in proceedings.


Follow ERR News on Facebook and Twitter and never miss an update!

Editor: Helen Wright

Hea lugeja, näeme et kasutate vanemat brauseri versiooni või vähelevinud brauserit.

Parema ja terviklikuma kasutajakogemuse tagamiseks soovitame alla laadida uusim versioon mõnest meie toetatud brauserist: