Obtaining online bank log in or card information (phishing)
Phishing is a scamming method which uses different approaches, such as emails, text messages, phone calls or manipulating search engines (such as Google or Bing), to trick the customer into entering their personal online banking or payment card details into websites created by the scammers, or stating them over the phone. The scammers use this information to make purchases or transfers from the customer’s bank account.
Scammers create a duplicate of an online banking or e-store website, which usually looks very similar to the original. Afterwards, the link to this fake website is shared via email, text message or in internet search results. Emails and texts are usually sent as if from the bank, asking you to click on the link to, for example, view an important message, block an outgoing payment, or change your login details.
There are cases when the scammer submits an advertisement to a search engine (like Google or Bing) so that it appears as the first search result. The user clicks on the advertisement, which has a fake link, and is forwarded to a phishing site which looks identical to the original service provider’s website.
Fraudsters also impersonate state institutions, companies, or portals, such as the State Revenue Service (SRS), 'Latvijas Pasts,' or the justice portal elieta.lv. When recipients receive fake text messages or emails, they are invited to click on a link provided in the message or email. The purpose of these messages is to claim overpaid taxes, to do customs clearance, or view documents supposedly related to legal proceedings. Clicking on the link redirects the person to a phishing website where they are asked to enter their internet banking access data. This information is then used to defraud financial resources, acquire various loans, and make purchases in instalments.
Fraudsters also obtain the necessary data to activate Google Pay and Apple Pay payment methods. Pretending to represent a legitimate state institution, company, or portal, fraudsters invite individuals to click on a link under the pretext of receiving, for instance, an undelivered package. Upon opening the fraudulent link, users encounter fields where they are prompted to input their card details and activation code for Google Pay or Apple Pay. This misleading process grants fraudsters the opportunity to link your payment card with their device's Google Pay or Apple Pay wallet, enabling them to carry out unauthorized transactions.