The Bank of Israel warned on Sunday that there have been attempts in the past few weeks to defraud bank customers through digital scams. The total financial damage of the fraud has been minimal, though, and customers did not suffer losses, the central bank said.
In a document to customers, the central bank said that users of digital banking and payment services should be particularly attentive when they get an email or text message in which they are asked to enter credentials, account details, or a credit card number.
The bank also warned of a specific recent campaign in which scammers tried to steal customers’ personal details by impersonating global online payments firm PayPal. The scammers’ modus operandi involves sending a large number of emails in English or Hebrew, hoping that some recipients will think it a legitimate email from PayPal. When they open an attachment, they are brought to a site that visually mimics PayPal. There they are asked to enter their credit card number and other personal information — for “their own good,” as there is concern that a foreign entity used their credit card — enabling the attacker to gain access to their accounts.
The central bank outlined guidelines to help digital banking users stay protected, including:
• Don’t ever provide means of identification or other personal details, even if the reasons seem convincing; banks or companies such as PayPal would never approach customers via an email to to enter such details.
• Verify that the sender’s address is a familiar one and make sure that it is precise — for example, that the PayPal address is written correctly and without even a tiny mistake such as an extra or missing letter.
• Check the content of the notification. Is it a general message? Is it addressed specifically to you or is it a more suspicious “Dear customer” letter. Is it in Hebrew, in the case of a bank in Israel, or a domestic company? Is the wording correct or does it have linguistic or grammatical errors? “An email with incorrect wording or written in a language other than that in which the organization or service tends to contact customers should be treated with suspicion,” the report said.
• Beware of emails, SMS, or WhatsApp messages that were supposedly sent by a bank or credit card company with link to websites.
• Install protection software on PCs and cellphones and keep up with operating system updates.
• If you have any doubt, don’t respond to any notice and don’t click on any link before checking with the relevant bank or company, the Bank of Israel said.