Search form

Careful!

We would like to inform you that recently there has been a phishing action* on e-mail which targets potential BRD customers.

These types of actions aim stealing personal (identifying) data, as well as authentication credentials in internet banking and mobile banking.

If you receive such an e-mail, we recommend that you do not access the link and do not provide any sensitive information.
Please note that phishing e-mails were sent from addresses such as: updatesiosc@sanopotnosnisoi.com and admin2accountsys@systadmin.com.

Report any suspicion to mybrdcontact@brd.ro.

*phishing is a method of illegally obtaining confidential personal and financial data of victims by using methods of social manipulation consisting in the impersonation of trusted public or private institutions.

 

Other types of cyber threats or fraud attemps

Fake buyers

Be vigilant when you want to sell a product and use various sites to post a sales ad, even when the sites are famous.

How does it work?

You have a product for sale and you want to promote it through an advertising site. Subsequently, you are contacted by phone or WhatsApp by potential buyers who seem to be interested in your product.

Careful!!! Fake buyers are extremely skilled and convincing to make you disclose your bank card access data, motivating the fact that you will get in possession of the money much faster.

After a few discussions, you reach an agreement with the potential buyer, who tries to convince you to accept his offer to receive payment by card. Thus, the fraudster asks you to provide directly on WhatsApp / SMS the confidential data related to your card or to access a link sent by it. If you access that link, a WEB page will open, apparently belonging to the advertising site, but this site is completely controlled by fraudsters. This will ask you to enter the card details on which you would like to receive the money (eg card number, expiry date, CVV / CVC security code, 3D SECURE password received on your phone), including the registration / enrollment code of the card in the Apple Pay application (electronic wallet application). In fact, the fraudster captures all this critical access data to your bank account and, implicitly, the control over your money. This way, you end up sending your confidential data to fraudsters. Subsequently, based on this information, fraudsters can make various online payments, avoiding standard security filters.

How do we protect ourselves?

Please be vigilant, do not access the links sent by potential buyers and do not provide them with confidential data.

 

Various scams in the online environment

How does it work?

Online fraud is currently the most widely used type of scam internationally. The phenomenon is booming, correlated with the increase in the number of users and, at the same time, online transactions. The most common methods of fraud are:

Investment frauds that may include “opportunities” to invest in stocks, bonds or virtual currencies. Thus, various people guarantee you attractive earnings if you make various investments using certain trading platforms or transferring sums of money to accounts indicated by them. In reality, both platforms and accounts are controlled by fraudsters.

Inheritance / Unexpected donation by which you are notified that a friend or relative has left you a fabulous amount and the only thing you have to do is pay a fee for the transfer of money to the accounts indicated by fraudsters.

How to protect ourselves:

Avoid contact with strangers online
Be careful with offers that promise "safe" investments, guaranteed recovery or high earnings
Never send money or disclose confidential card data (PIN, authorization code, enrollment codes on various trading platforms, etc.), or copies of personal documents


Invoice Payment 

How does it work?

The fraudster obtains access to electronic correspondence (e-mail) between two business partners. It tells the buyer that the payment must be made to a new supplier account, which is actually controlled by the fraudster. In order to increase the degree of authenticity, a modified invoice is sent to the victim (containing the new account to which the payment is to be made), which is, however, very similar to the authentic one. If no checks are made on the correctness of the information and the request is granted, the buyer transfers the money to the account controlled by the fraudster.

Also, in other cases, the fraudster claims to be the legitimate representative of a supplier of goods and / or services and, in this capacity, requests the modification of the payment data so as to collect the value of the invoice in the accounts controlled by him.

Fraud can be identified late, when the real supplier warns the buyer that he has not yet collected the value of the goods / services provided.

How do we protect ourselves?

If you receive information about the change of the supplier / business partner's account, check the information (no matter how credible the request seems) and on another communication channel (eg by phone).