Phishing attempts are currently widespread, with particular attention to so-called secure account scams, which first emerged in Finland during the spring. Nordea reminds everyone that banks or authorities will never ask for confidential information through email, text messages, or phone calls.
According to Sara Helin, an expert from Nordea's fraud unit, a new form of fraud has been on the rise, especially during the summer.
"Secure account scams have been troubling Finns since spring. Spring and summer are typically times when criminals come up with new fraudulent methods," Helin explains.
Secure account scams are commonly carried out in two stages. First, the victim receives a text message luring them to a phishing page that asks for their online banking credentials. Afterward, the fraudster typically poses as a bank representative, calling the victim and instructing them to transfer funds to a supposed "secure account."
"In such cases, the account provided by the caller is, of course, under the control of the fraudsters. The victim may also be asked to download a remote control program, through which the criminals gain access to the victim's mobile device," Helin describes.
The number of fraudulent calls in Finnish has been significantly high during spring and summer, with numerous reports coming into the bank. Moreover, the number of cases related to phishing calls handled by Nordea has multiplied after the first quarter.
Phishing Attempts in the Name of Multiple Actors
Phishing aims to obtain personal information from victims, such as banking credentials, card details, or PIN codes. Scammers do not limit themselves to posing as banks; they may also impersonate other entities.
"We constantly see attempted fraud through text messages and emails, with scammers pretending to be authorities like the tax office, Posti, banks, telecom operators, Suomi.fi online service, and payment service providers like MobilePay," Helin warns.
Apart from traditional phishing methods, social media and messaging apps are flooded with deceptive contacts. Parents may be approached with requests for help supposedly coming from their children, and acquaintances may report lottery winnings via Facebook Messenger. The Finnish Cyber Security Center and the Police have recently issued numerous warnings about these phenomena.
Never Disclose Bank Credentials to Outsiders
According to the financial sector, Finns lost a total of 32 million euros to cybercriminals in 2022. This figure includes only the fraud cases reported to banks. Most significant losses occurred through phishing.
Banks or authorities will never ask for banking credentials, card details, or PIN codes through email, text messages, or phone calls. Never share your online banking username with anyone via any messaging app, even if the requester claims to be a family member.
"Even though we may be more relaxed during vacations, we must remain vigilant regarding unexpected contacts to avoid harm. If a phone call seems suspicious, you can always hang up. If you doubt an unexpected payment request received via message, verify it with the recipient or the person who gave the instructions, for example, through a phone call. You can always confirm the authenticity of a contact from an authority through official channels," Helin advises.
It is crucial to warn others about phishing attempts that have targeted oneself and prevent someone else from falling victim to such scams. Report any fraudulent attempts to your loved ones and inform the Finnish Cyber Security Center as well as the company whose name the phishing attempt was carried out under.