Online and computer fraud

What is phishing?

Phishing attacks are fraudulent emails or websites designed to trick users into sharing sensitive information. Phishing may be used in conjunction with vishing (phone fraud) or smishing (sms fraud) where criminals will follow up via very convincing phone calls or text messages. Criminals may already have some of your personal data and could exploit this knowledge by presenting it to you as a means to establish credibility. This is a deceptive ploy to trick you into revealing more information, enabling them to carry out their manipulative tactics.   

How does phishing work?

  • You will receive an email pretending to be form a legitimate source e.g. your Bank, Telephone company, Revenue or other reputable company.
  • The email may contain a link or attachment requesting you to click on the link or download the attachment to complete a specific action such as “re-activate your account”, “update your security details” etc.
  • Once you have taken this action you may be brought to a fake website where you are required to input a range of personal and security details e.g. Internet Banking details, your password or your personal access number etc.
  • Once the details are given away the criminal has your Internet Banking details and can log into your internet Banking as you and transfer funds from your account.
  • This fraud may be used in conjunction with Vishing or Smishing (see Telephone frauds). Where criminals will follow up with a phone call. As they may already have some of the information you have just provided they may seem convincing.

Back to top

PTSB will never:
  • Ask you any online banking passwords over the phone, via email or text message.
  • Ask you to email or text personal or banking information.
  • Send an email with a link to a page which asks you to enter your online banking log in details.
  • Send a text message with a link to a page which asks you to enter your online banking log in details.
  • Ask you to authorise or transfer funds to another account for security.
  • Ask you to cancel a payment by entering a One Time Password, or cancel a request via the PTSB app.
  • Ask you to carry out a test transaction online.
  • Provide banking services through anything other than the bank’s official apps.

If in doubt, stop, think, and call your financial Institution on the number on the Debit/Credit Card issued by your Bank immediately.

How do I protect myself from phishing?

  1. Don’t respond: Never reply to any email asking for financial, personal or security information unless you independently verify that the email came from the company it claims to be from.
  2. Security details: Never give away security details, such as your PIN or full online banking password to anyone.
  3. Links and Attachments: Never click on a link or attachment in an email until you have verified it is from the source it says it is from.
  4. Too good to be true: If it looks too good to be true, it probably is.
  5. Be suspicious: If asked for bank card information or security details via email. Remember card issuers and Banks will never ask for full account, card, PIN or security credentials.
  6. Never divulge your OTP (one time passcode) to a third party caller.
  7. Never complete authentication on your PTSB app, unless you have triggered the request yourself.
  8. Never complete authentication on your PTSB app on the request of a third party caller or SMS received.

Back to top

Important Information: Remember, PTSB will never call, email or text you asking for: your account details, your Open24 number, Internet Password, Personal Access Number (PAN), your Visa Card CVV number or One Time Passcode. If you ever get an unsolicited phone call, email, text message or pop-up asking for any of these please contact us on 0818­ 50­ 24­ 24 or +353­ 1­ 212­ 4101.

Example of fraudulent emails

Identifying fake emails requires continuous learning as hackers, scammers and technology become more sophisticated. Familliarise yourself with the below examples to help you identify fraudulent text messages. 

fraud email example.PNG

Back to top

How can I protect myself online?

Using up-to-date good quality internet security software is a must but you should also protect yourself in other ways:

Your Banking

  • Free Wi-Fi is readily available but it may not be secure even when it requires a password. If you use public Wi-Fi you are risking your online identity and your banking details.
  • Keep a record of all your online transactions.
  • Make sure that you conduct your financial transactions only on a secure web page using encryption. Look for a closed padlock in the status bar, and see that the URL starts with a “https” instead of just “http”.
  • Change passwords regularly– we recommend that you use a separate email address and device for your banking needs.
  • Be aware of unsolicited emails asking for bank card or PIN numbers and never divulge this information.
  • Be aware of phoney emails/websites that try to trick you into giving personal information including mobile telephone numbers, mother’s maiden name and date of birth etc. Try to use a known web address.
  • Never send money to or share the details of a money transfer with someone that you do not know.
  • Where a site shows the last time that you logged in, always check that this reflects the last time you accessed the website.
  • Always type in the web address www.open24.ie and login to your internet Banking from there.
  • Avoid saving links to your favourites or clicking on non-PTSB sites or emails as they may be compromised by fraudsters and bring you to a fraudulent website.

Important Information: Remember, PTSB will never call, email or text you asking for: your account details, your Open24 number, Internet Password, Personal Access Number (PAN), your Visa Card CVV number or One Time Passcode. If you ever get an unsolicited phone call, email, text message or pop-up asking for any of these please contact us on 0818­ 50­ 24­ 24 or +353­ 1­ 212­ 4101.

Back to top

Your Device – Computer/phone

  • Make sure you have the latest security updates on your computer or phone.
  • Install a personal firewall to protect your device contents.
  • Install an anti-spyware programme, and password protect your device.
  • Never leave your device unattended when you are logged into your account.
  • Take extreme care when allowing applications access to your device particularly if you are requested to download applications.
  • It is important to have your anti-spyware, spam filters and anti-virus software on your device. Keep it up to date!
  • Avoid using the internet in public places, like internet cafes.
  • Keep your passwords private and change them often. Check out of guide for creating a strong password.
  • Ensure that only your biometric (face or fingerprint) is registered in your device settings. 
  • Always clear your browser caches regularly.

Back to top

Your Identity

  • Be extremely cautious about the type of information that you make public.
  • Never post your personal details such as telephone number, date of birth, address or employment details on Social networking sites.
  • Learn about site security privacy features on social networking sites and set them to a level you are comfortable with. Be careful who you allow to be your ‘friend’ or join your network.
  • Take extreme care when allowing applications access to your pages.
  • You should never hand over your username, password, account number or any other personal or confidential information.
  • Be careful when talking to or messaging strangers: you don’t know who they really are and never send money to an unknown source.

Back to top

Shopping online

  • Keep a record of all your online transactions.
  • Opt out where you can - companies may send you marketing mail or share your details in mailing lists with other companies.
  • Check the URL when you are providing payment details for an online purchase; the "http" should turn into a "https".
  • Check the lock symbol on any websites homepage to see if it's genuine before entering your security details.
  • Be aware that purchases from private sellers may be more at risk than those from registered businesses. Buy from well-known companies where possible.
  • Take care when downloading files such as music, software etc. These files may be infected or have “malware” programs attached.

Back to top

Emails and texts requesting information

  • Be skeptical – It’s better to err on the side of caution. Unless you are 100% sure that a particular message is genuine, assume it is not.
  • Check the email address. Is it the same as the email address you usually receive emails from, or is it just similar?
  • If you receive a notification from your bank (SMS/In App message) with a passcode required to complete an action or transaction please ensure that you fully read and understand the message before using the code provided.
  • Be careful if there is an urgent call to action in the e-mail such as ”Security Alert”, “Your account has been blocked”, “If you don’t respond your account will be closed”. Criminals want you to act quickly and without taking due care.
  • Do not click on links, download files or open attachments in an e-mail unless you are sure of its authenticity.
  • Only open an attachment when you are expecting one, when you know what they contain and you are confident it is from a genuine source.
  • If you are unsure, pick up the phone, call a secure number from a legitimate source and validate the message. Remember, a genuine individual/company may have had their e-mail compromised.
  • If your browser has a pop-up blocker, you should use it.
  • Do not copy any website addresses from a pop-up window into your browser, as a legitimate company will not ask you for your information in a pop-up window.

Back to top

Important Information: Remember, PTSB will never call, email or text you asking for: your account details, your Open24 number, Internet Password, Personal Access Number (PAN), your Visa Card CVV number or One Time Passcode. If you ever get an unsolicited phone call, email, text message or pop-up asking for any of these please contact us on 0818­ 50­ 24­ 24 or +353­ 1­ 212­ 4101.

Unsolicited Virus, Infected Email or "Order Received / Invoice Processed"

Virus Infected unsolicited email claiming to inform Email users about anything from “Order Received / Invoice Processed” and variations thereof. This invites unsuspecting users to a website where a virus is downloaded which may subsequently infect the PC. As with any unsolicited communication, you are advised to delete any suspicious communication if unsure of the origin/source.

Back to top

Trojan Viruses

A Trojan is a computer program that appears legitimate (you may not even know that it is on your PC), but performs some illicit activity when it is run. It may be used to locate password information or make the system more vulnerable to future entry or simply destroy programs or data on the hard disk.

Back to top

Spoofing

Fraudsters will make a fake website or email or telephone number that looks like the genuine one that a person may use regularly. They can acquire personal information, passwords, account/credit card numbers, and online details etc.

Back to top

PC Support Fraud

Criminals will attempt to gain access to your computer by calling up and saying you have a problem with your computer. They often claim to be from large legitimate corporations and will either ask for a payment to fix your computer or ask you to download a software patch. In the first case they will steal your credit cards details and in the second instance they will infect your machine with spyware or malware that will provides access to your machine bandwidth to support other attacks.

Back to top

Social Networking Friend Requests

Scammers take advantage of this social time of year by sending out authentic looking friend requests via email. You should not click on the links in the email but sign into your social networking site and look there for friend requests. If you click on a link it could install malware on your computer. Beware of related scams such as "Help I’ve been Mugged!", this is when you receive a fake distress message from someone in your network requesting money as they have been robbed whilst travelling.

Back to top

Social Network Virus

This is very basic and involves a friend posting a link on your social network wall page or in the status update. This gives the impression that the site is a safe site to visit. However, in some cases it is the result of malware and could result in the download of viruses on your machine.

Back to top

Smartphone app scam

Malicious spyware is disguised in a game or an application, which is then marketed to users. If downloaded, the malware steals data from the phone, such as passwords and financial details. Always check a developer is legitimate and review comments regarding the app.

Criminals purporting to be from Anti-virus companies contact customers requesting access to their PC in order clean the PC for a small fee.

Back to top

Back to top
Page loading
Close takeover popup
PTSB logo

Altogether more human