In the name of S-Bank, the emails that are impressive by the real S-Bank are currently in the name of the S-Bank. The contents of the scam messages are copied directly from the S-Bank bulletin.
S-Bank’s name spreads skilfully made of scam email. Pekka Karhunen/KL
S-Bank’s name is spreading ”S-Bank Newsletter January“Complies with S-Bank’s correct marketing messages in both appearance and in Finnish. At first glance, distinguishing a scam message from a genuine is almost impossible.
The “S-Bank newsletter January” scam message includes the title “Feeling of control of your own economy in almost one in three under 40s”. However, the “Read the full bulletin” link at the end of the text will direct the user to the scam site instead of a genuine S -bank.
Cheat. You can check the address in the link by putting the mouse pointer over the link.
Other subtitles in the scam message include “versatile S-Etukort Visa”, “Comprehensive Services for Students” and “Diversion in one investment in Finland”. Unlike the correct S -Bank bulletin, however, the Read more points at the end of these sections are not links and do not lead to anything.
All the topics in the message have been copied as such from the bulletins and other customer communications on the S-Bank website. The scam message can only be distinguished from the correct message from the email sender address, which differs from the S-Pankki.fi address used by S-Bank.
Also read: Did you get a suspicious request? This is how the intruder works
Also read: Banks are required to have more responsibility for scams
The Cyber Security Center of the Finnish Transport and Communications Agency specialist Juha Tretjakov Carefully treat the links with text messages or emails.
“While clicking the link itself is not dangerous in itself, but if you ask your bank IDs, payment cards or other identification information behind the link, then at the latest, the alarm clocks should ring,” he says.
Scams made in the name of banks typically try to fish for online banking codes. Tretjakov warns against providing bank IDs as criminals can use them in many ways.
– The problem is that when a consumer clicks on the link leading to the scam page, he does not know he is a scam, but thinks he is signing up on a right page.
When reading a message on your computer’s browser or email client, you can check the target address by putting the mouse pointer over the link. Mobile devices can be checked by holding the link at the bottom.
At the end of the scam, there is also a “thus recognizing a scam message” copied from the S-Bank’s correct bulletins, which is intended to fool the reader even more. At the end of the warning text is a link that instructs you to read more about safe banking on the S-Bank website.
Skillful scam. In a scam message sent in S-Bank’s name, even a scam warning has been copied from a genuine message.
Here, too, the scam message has been made to resemble as much genuine message as possible, as the link leads to the real S-bank. Although the link enters the S-Bank’s website, it should not be pressed.
The Cyber Security Center advises that consumers do not follow the links in the messages, but to use service -specific applications or browser bookmarks.
– If you find that you have been cheated and your bank IDs have been in the hands of the criminals, you should be the first to contact your bank and tell what happened. If the client has been the victim of a crime, then a crime report must be reported, Tretjakov concludes.
The editorial also requested a comment from S-Bank, but the bank’s communications were not answered until the publication of this story.