OTP Bank Romania warns about the increase in attempts of bank fraud in the last year, in the socio-economic context generated by the pandemic situation and the accelerated trend of digitization of a wide range of services.
According to a OTP Bank local analysis, done between July 2020 and July 2021, there is a growing trend of diversified frauds, based on social engineering, both in terms of number of incidents and value transactions as a result of compromising customer cards.
“A large number of fraudulent transactions are successful due to customer card confidential information being compromised. It is a percentage of approximately 59%, and the share of amounts lost by customers is 54% of the total amounts initiated. It is a phenomenon that can be met through financial and digital education, through information and awareness regarding the risk of fraud, so that customers can protect their confidential data and avoid becoming a victim of fraud based on social engineering,” said Florin Orban, Head of Banking Security & Anti-Fraud OTP Bank Romania.
Frauds committed through social engineering aim to deceive users, through psychological manipulation, to disclose confidential information or to take certain actions by which their personal and authentication data is stolen. Such as: name and surname, address, city, county, card number, expiration date, CVV security code, personal numeric code, or telephone.
The most used methods of fraud are phishing, through electronic messages requesting personal identification and authentication data or to access certain websites, and fraud through e-commerce platforms. To the same extent, personal data can be stolen either through Smishing, phishing via SMS, or through Vishing, the method by which victims are called by phone and manipulated to disclose personal information or even make transactions.
OTP Bank Romania implements high security standards for the confidentiality of its customers’ data, information, and documents, through technical and operational measures adapted to the technological development.
To avoid such situations, three tips are essential:
- DO NOT respond to messages requesting personal information;
- DO NOT access the proposed links;
- NEVER communicate data related to your cards (e.g., PIN code, CVV2 / CVC code – represented by the last 3 digits on the back of the card).
If personal information for the use of cards and other payment methods associated with accounts held with a bank is compromised and fraudulent transactions are carried out with this correct authentication data, European rules do not allow the recovery of lost amounts.
As a precaution, contact your bank to check any situation, especially if the messages received are impersonal and have grammatical or syntax errors. The bank will not ask its customers to modify or confirm their personal authentication data by phone or by accessing a link in the content of an email.