Scammers have once again become active with various phishing schemes to acquire personal data from clients of credit institutions using special fake advertisement links in internet search engines, mimicking real homepages of banks, warns Citadele Bank’s IT Security Office.
Fake links put in search engine results lead users to a website that is almost visually identical to websites used by banks. The goal is to record clients’ access codes and other personal authentication data. «Fake advertisements can be identified, because they will have an Ad label. Unfortunately, we receive reports that residents, either due to recklessness or ignorance, still click on such links and provide data,» explains security expert Roberts Birzgalis.
How does this type of scam work? The scammer creates an Ad in a search engine (Google or other) to make sure it shows up first in the search results. A user, thinking it is his or her desired search result, clicks on the fake link. Then he or she is taken to a phishing site that looks almost identical to the real one. Phishing sites are used to steal sensitive data (username, password, authorisation codes, payment card data).
How to identify phishing? Always check to make sure the website’s address shows up in the address bar. Users are advised to look for any changed symbols or unnecessary words in the address. If users visit websites, frequently, it is advised to bookmark it to make sure the search engine provides that and only that…
