Cybercriminals have recently begun targeting their potential victims through the smartphone messenger app WhatsApp.
While the medium may have changed, their purpose remains the same: getting you to reveal your personal details and bank details β specifically, your debit card number and the codes displayed on your card reader when using online
banking services.Β
Meanwhile, these fraudsters can then use these details to access your online banking account and make payments β with you being none the wiser.
How the criminals operate?
Do you ever sell any used items online (e.g., through buy-and-sell websites)? If so, thereβs a chance an βinterested buyerβ will contact you on WhatsApp who, in reality, turns out to be a scammer. Before transferring the amount to your account, this
criminal first asks you to transfer a marginal amount (say, β¬0.01) to his account βjust to check that everythingβs OK.β
The scammer then sends you a WhatsApp message containing a link.This link will direct you to a counterfeit website.
There,Β you are asked to:
1.Β enter your card number;
2. enter your response codes (these are the codes displayed on your card reader when making transactions).
Once they have their hands on your card number and response codes, they canΒ log in to bank online in your name and steal from you by fraudulently transferring money from your account.
How can you protect yourself against phishing via WhatsApp?
- For one, you should never respond to requests for payment from unknown parties.
If you need to make a bank transfer, simply log in to the KBC-website
(www.kbc.be) or useΒ KBC Mobile.
Β Β Β Β -Β Β Β Β If youβre buying something online, you only need the sellerβs account number (IBAN) to transfer a payment.
Β Β Β Β -Β Β Β Β If youβre selling something online, itβs sufficient to give the buyer your bank account number (IBAN).
If they ask for any other details, itβs very likely youβre dealing with a criminal.
- Always keep your PIN and the codes generated by your card reader a secret β they are the key that unlocks your money and they are personal to you.
- Β Please note: Scammers are increasingly using bogus websites with URLs starting with https://. The βsβ in https stands for βsecureβ and tells you youβre using a secure connection. However, this provides no guarantee that the party youβre dealing with is trustworthy.
To find out if the KBC website orΒ KBC Touch youβre using is legitimate, check the URL in your browser address bar:Β
Β Β Β Β -Β Β Β Β TheΒ URLΒ ofΒ the KBC-websiteΒ starts withΒ www.kbc.be.
Β Β Β Β -Β Β Β Β The URL for KBC-TouchΒ starts withΒ 'https://KBCtouch.KBC.be'.