Recognize the scammer: banks never need card data



Recognize the scammer: banks never need card data

Recognize the scammer: banks never need card data


06/24.2020 23:18


And remember, it’s very difficult to catch and blame the “bank” scammer. Police don’t like to take on such cases

In recent months, cases of telephone fraud such as vishing and smashing have again become more frequent in Ukraine. In the first case, the bank details are required during a phone call, in the second – via an SMS which invites the victim to call the attackers. This was reported by the NBU press service on Facebook.

This is usually a call or a message from an alleged bank employee. For example, there was a technical failure, as a result of which you can lose your savings (one of the many inventions of the scammers’ arsenal). The contact person assures you that the problem can be solved now, but for this you need to provide additional information in the form of a PIN code, an expiration date and a credit card number, as well as a CVC security code (three digits on the back of the card).

Likewise, in early April, scammers attempted to “seize” money from the author’s mother, a client of Oschadbank. The message looked like this: “Your card has been blocked for security reasons. For more information, please contact: 0800 *** free of charge. “. Fortunately, everything worked (my mother immediately composed me by deleting the mentioned SMS from the phone).

However, not all “fish” are capable of jumping from a scammer’s networks. For example, recently, nearly 6,000 hryvnias were withdrawn from the account of a resident of the Podvolochysky district (Ternopil region), writes the local newspaper “Liberty”. We quote: “A male voice said,” I am an employee of FUIB Bank, we want to help you because the attackers have made a transaction from your account and you have to block your bank card. The woman was gravely alarmed, and “the bank worker” reassured, they say, now an SMS will arrive, with the help of which they will block the transaction. Esemasca came and the woman dictated the numbers that appeared in the message to “the employee”. He consoled: the account has already been blocked, but the money is suspended from the transaction, and to return them, you must enter the code which will be shown in the next text messages. The woman also dictated it. After that, she could no longer connect to the mobile application from her bank account. I called the bank’s hot line – they replied that 5939 hryvnias had been removed from his account and were asked to contact the police. “

A resident of Kalush (Ivano-Frankivsk region) also fell on the hook. With his bank card, 10,000 hryvnia were attracted. This is stated on the website of the online publication “Misto”. “The woman was called by an unknown person who presented herself as a” bank security officer “, whose services she uses, they say, the bank will change the terminals and her card will be blocked, then you will have to indicate the last four digits which will be sent by SMS to the telephone, – writes “Misto. “” The victim did, and a few minutes later, she received a message about the withdrawal of 10,000 hryvnia. “

But not a call (sms) from the unified “bank”. The stories told by scammers can be very diverse.


“The bigger the bank, the more cards it issues and the more customers come across such cases,” said Ukrinform, head of Oschadbank’s external communications department, Yaroslav Titova. “Most often, scammers attract money by calling themselves the security services of a bank or the National Bank, or representatives of medical establishments, social services, etc.,” says Titova. – Or – from the cool – during the coronavirus epidemic, there were often cases where fraudsters calling their victims said that they would have accumulated a state allowance. There are many options for attracting funds, but almost all of them are similar: they send an SMS to a person or they call and ask for personal and card details. “Consequently, the representative of Oschadbank notes:” The bank (representative, banking security service, etc.) never requests data on the card. This is confidential information and should never be distributed or disclosed to unauthorized persons. “

Ms. Titova also pointed out a rather interesting detail. It is generally accepted that more often than not, the elderly fall into the “legs” of scammers. But this is not the case. “This stereotype. Retirees have fewer cards. The vulnerable category is that of the middle-aged. They are the ones who actively use the cards,” said the head of external communications at Oschadbank.

Recognize the scammer: banks never need card data

Maxim Baturenko

In turn, the head of the risk management consultancy department of KPMG in Ukraine, Maxim Baturenko, explained to Ukrinform the main types of telephone fraud, as well as the people and targets of the attackers. And this, in particular:

  • socially isolated or lonely people (regimes implemented by establishing romantic relationships)
  • people in financial difficulty (schemes where an aggressor offers the victim an unsecured loan (provided that the latter pays a commission in advance, or that the aggressor presents himself to the victim as a collector, demanding to pay a non-existent debt), as well as investment programs at an unprecedented interest rate)
  • urgent help to a family member / friend – a con artist who usually focuses on the elderly and takes advantage of the fact that he is hard of hearing, pretending to be his grandson or granddaughter. “Grandson” says he is in trouble and needs money. There are many other such cases. The attackers use social media data to make the stories believable and speak in low tones, pretending they are crying;
  • lotteries – attackers tell a person that they won by drawing a prize in which they never actually participated. The victim is asked to pay fees for the issue or delivery of a gift or money. You can also offer them a pay phone to receive a prize. Often, scammers use the names of real jokes so that the victim can verify their legitimacy;
  • fraudsters call victims or send e-mails, posing as representatives of the judicial and tax authorities. In some cases, the fraudster demands immediate repayment of the debt, for example a fine overdue for violation of parking rules or overdue taxes. The fraudster can threaten that non-payment will increase the amount of debt or even the prison sentence.

Maxim Baturenko also drew attention to the fact that the methods of the fraudsters are becoming more sophisticated and that their approaches can adapt quickly. “According to KPMG’s global study on bank fraud, the trend of increasing both the number of external fraud cases and the amount of losses that result from them is gaining ground worldwide. Banks around the world claim that data security breaches caused by customers are beyond the control of banks. In other words, no one other than you is responsible for the fact that you have given secret information to the fraudster.


We asked a lawyer, partner of the BARGEN law firm Dmitry Nikiforov if they caught at least one of the scammers? And what sanctions are provided for such crimes?

Recognize the scammer: banks never need card data

Dmitry Nikiforov

The expert indicates that since 2012, the police have recorded each year the positive dynamics of this category of crimes. “Outbreaks of telephone fraud are associated with a deteriorating economic situation and an increase in the overall crime rate. In reality, such crimes are not investigated and cases of prosecution are rare, ”said the lawyer.

And this is due to the fact that the investigation requires at least a month just to obtain information from the mobile operator on the location of the mobile terminal from which the call was made. “First, the investigator must go to court to obtain permission to access the mobile operator’s base. The court decision can only be enforced in Kiev – at the main offices of the operators. Therefore, for example, an investigator from the Magnificent region of the Kherson region will have to spend several days traveling only. During this time, the fraudster easily changes the SIM card and the location and avoids any liability, ”explains Nikiforov.

Investigators can only identify if the victim knows the card number on which the stolen money was credited. Then you can track down where the money was withdrawn and get a video from the ATM, which will show the face, he says. “But then again, the card holder can be a leader. Therefore, in most cases, scammers avoid punishment, ”added the lawyer.

Finally, regarding sanctions, according to Nikiforov, depending on the amount of damage and the number of people involved, fraud can receive a minimum fine and an actual prison sentence of up to 12 years with confiscation of property .

Recognize the scammer: banks never need card data

Vitaly Vlasyuk

“There are no reliable statistics and cannot be. Most individuals who encounter this simply do not report. Not all statements are recorded by the police, first of all, given the lack of prospects. Although the police can, if they wish, work more actively in the fight, ”commented Vitaliy Vlasyuk, lawyer and managing partner of Pravo.

However, if the police are taken seriously and attracted to the “Cyber ​​Police” (NDE), then, according to him, the case is likely to succeed. “After all, they usually call / write from the same” seven “, which are not that difficult to calculate,” sums up Vlasyuk.


The Cyber ​​Police Department and the National Bank of Ukraine are constantly posting recommendations on how to have no problems after losing cash savings on a bank card on their official websites or Facebook pages. Ukrinform brought them together by declaring in ten paragraphs:

  • never tell anyone your PIN code, card number and expiration date, as well as their CVV code (the last three digits on the back of the card)
  • Under no circumstances transmit personal information in response to emails or calls from an alleged bank. It is better to call the official number of the call center of your financial institution and know the situation (a short number is indicated on the card);
  • a bank employee will never call you from a private number. If you are asked to send a password or other card information, do not do so until you have contacted the bank yourself and make sure it is not an attempted fraud ;
  • a bank employee can never call you to ask for your “check word” in the questionnaire;
  • practice buying and selling on the Internet, it is best to get a separate card for this. And keep as much money there as necessary for a specific operation. Do not use cards on the Internet that constantly contain large sums of money;
  • do not leave personal data and data on your card on websites in advertisements;
  • set the limit for withdrawing cash from the card: daily and for each transaction. If necessary, you can easily modify it, but for fraudsters, this will limit the action space;
  • connect to sms-banking to know all the operations on your account;
  • do not believe promises of “easy” money you did not expect (salary supplements, pensions, benefits, cash prize or “state compensation”). To receive a bonus, price or compensation, simply indicate your card number. Other card details for transferring money to your account are not required;
  • remember that a fraudster can pretend to be anyone: a bank employee, an employee of a pension or another fund, a caretaker, a volunteer, a buyer of the goods you sell, etc. .
  • If you manage to inform the fraudsters of the card data, block them immediately! To do this, you must either call the bank (at the number indicated on the back of the card or on the bank’s official website, via the application on your smartphone). And also leave the call any time of the day on the Cyber ​​Police Department website (you can leave the call – HERE).

    And for even more understanding on the subject of online payment security, we recommend listening to a podcast with Visa’s senior director of risk management in 17 countries, including Ukraine, Larisa Makarova, recorded by HB radio journalists (here for the podcast).

    Miroslav Liskovich. Kiev

    According to the materials:



    Source link

    Leave a Reply