Draft warning and awareness message regarding a phishing campaign targeting banks

A new phishing campaign targeting banks in Monaco is currently underway.

This fraudulent operation uses emails, text messages and phone calls impersonating banks and payment services to gather confidential information including usernames, passwords and bank card numbers by inviting recipients to click on a link leading to a fake website that is an exact reproduction of a customer portal.

How to recognise fraudulent messages:

There are a number of signs that can help to identify a phishing attempt:

Tone designed to induce fear or prompt action (“Your account will be blocked”, “immediate action required”);
Request for security codes, personal or banking information;
Spelling errors, different logo or unusual presentation.
Link to a website whose address is slightly different to that of the official website;

Recommendations:

To protect yourself, we strongly recommend that you:

DO NOT RESPOND TO THE SENDER;
where possible, contact the organisation concerned directly to confirm the message or call that you have received if you have any doubts;
report the email as spam and/or block the sender;
once reported, permanently delete the message.

never share your usernames or PINs, even with someone who claims to represent the bank;
do not click on links or attachments in suspicious messages;
check the sender’s real email address by holding your finger on the <sender> field (on a smartphone) or hovering the mouse cursor over the link (do not click on it) if you are on a PC;