How to reduce eBanking fraud risk
Every day fraudsters find new ways to target you. By now they realise that emails with broken English are not going to fool you, so they are upping their game. Fortunately, there are a few things you can do to protect yourself.
What do fraudsters do?
eBanking fraud covers all kinds of phishing and malware infections. It can affect both your company and your private life. Whatever the case, criminals will try to steal money by luring you to share your identification or verification codes.
Fake Google advertisment or sponsored result
When you google for "login InsideBusiness" (or similar queries) and, as the top result, you might get a fraudulent Google advertisement or sponsored result leading to a fake ING Wholesale Banking or InsideBusiness webpage. These fake pages are almost identical with the real ones. Fraudsters will try to obtain your login credentials through this fake website.
Trickster 'bank employee'
You receive a call from the fraudster pretending to be a bank employee. This is called spoofing. They will ask you to perform some sort of security check or 'update', requiring you to generate one or multiple verification codes. A real employee will never ask you to do this.
Fake SMS
You receive an SMS which seems to come from ING with a link to a fake ING Website. You click on the link and once you land on the fake website you are asked to fill in codes and personal data. While you are doing this you are called by a fake ING agent on your mobile, asking for your credentials. Once the fraudsters logged into your account, they can transfer your money out of your account.
Malware infection
Malware infections typically occur when you open attachments or links in a malicious email, or when you visit compromised websites which exploit vulnerabilities in your browser or operating system to install ransomware. Ultimately, malware will try to steal your personal data and execute fraudulent payments on your behalf.
What can you do to protect yourself?
- Keep your PIN and generated security codes secret. Never reveal these secret codes to anyone who asks for them. ING staff will never ask you for your codes or PIN. If someone is asking for them, end the conversation and inform ING about the incident.
- Always check if Google advertisment or sponsored result lead you to ING’s safe and secure website: ingwb.com.
- ING will not send you an SMS with a request to follow a link.
- Make sure that you go to the correct login page for InsideBusiness: https://insidebusiness.ingwb.com/.
- Besides the URL, also check the padlock in the address bar of your browser. That means that the connection is secure and you can check that if the certificate has been granted to ING Group N.V.
- Implement the four-eye principle for transactions.
Other tips to stay secure
- Never generate a security code when not accessing or using online banking yourself.
- Always check the details, i.e. amount, beneficiary name and account numbers of all payments you are about to sign.
- Always close an active web browser session properly by clicking on ‘Log out’ and never leave your computer unattended when you have an active session. Close the session or lock your computer.
- Check your statements and reconcile them regularly. View your debits and credits regularly at least once a week.
- Protect your work environment by reading and applying the information ING has provided with regards to ensuring a safe work environment.
- On a periodical basis, check your registered access means for InsideBusiness, and the access means of your colleagues.
Learn more about fraud prevention
Go to our banking safely page or download the leaflet below.
Disclaimer
The information on this page is provided to you solely for informational purposes in order to make you aware of the most frequent cases of fraud and provide you with recommendations to protect yourself against it. This information does not ensure that your company, acting upon these recommendations is or will be protected against any occurrence of fraud detailed on this website. No rights can be derived from the use of and reliance on the safeguards you take by following up these recommendations. ING does not accept any responsibility or liability with respect to your reliance on and the actions you take as a result of these recommendations. This disclaimer is governed by Dutch law.