Security – Warning to the client
Banco Finantia does not send emails, SMS or other means of communication to its clients requesting account details or login data, so in no case should customers provide this data or introduce them in these circumstances. Customers should not respond to this type of communication, nor follow any links contained therein.
Customers should never disclose their account, login, and password data. The sites authorized by Banco Finantia can be consulted in the document "Sites Finantia" (pdf download), so the client must be aware and if he detects any other address that presents visual similarities, phonetic or denomination, must refrain from using it or the contacts indicated therein and immediately contact Banco Finantia through the usual channels.
To prevent fraudulent use of the Homebanking Service, you must take the following preventive measures:
a) keep the "Access Code" secret;
b) do not allow the use of your "Access Code" by third parties, even if they are mandated to do so;
c) to memorize the "Access Code", refrain from writing it;
d) not keep or register the "Access Code" in a way that may be intelligible or accessible to third parties. In case of loss, theft or loss of the "User" or "Access Code", the customer shall immediately notify Banco Finantia.
Some globally fraudulent practices:
This threat consists of fake messages sent by criminals who pass themselves by companies or trusted people. They send the bait and often the victims are caught.
Some examples are: a very urgent email, "from the bank", warning that the account has been blocked; a generous offer from a well-known company, which has to be taken advantage of in a short time.
Forms of Attack
The most common form of phishing attack is through email. Sometimes criminals use domains that look like real emails, or even common domains like Hotmail or Gmail. In cases where someone has been the victim of a phishing attack, criminals may have access to that person's account and misuse their email, impersonating the victim.
Generally, the attacks have in common the alarming tone. Typically used phrases such as "your bank account has been blocked" or "your email account will be deleted", to attract the victim's attention and make them act quickly without thinking.
- Always check the sender's email address;
- Confirm the contact and signature information of the email;
- Do not click on the links without being sure that the sender is trusted;
- Do not download attachments without first scanning with antivirus;
- Always confirm, in other ways, cases of unusual requests for the transfer of files or money;
- Never write sensitive data and access passwords on forms or pages sent by email.
It’s a type of Phishing performed by SMS and text messages sent to your phone. Typically, these messages ask you to click a link and fill out a form or reply to the message. They can talk, for example, about the need to update information or the opportunity to claim an unmissable prize.
Forms of Attack
By clicking or replying to the message, the victim may be directed to malicious websites, where, once personal data has been entered, they may be misused by criminals. Targets are usually personal information, such as address or VAT, bank details, and bank access passwords, social networks and email.
Never click on links sent through messages from unknown senders, and never provide your data on unknown forms or websites. Whenever you make purchases or transactions that require data entry, verify that the URL starts with https (security protocol) instead of http.
It is the third type of Phishing, performed through phone calls. With the use of social engineering techniques, attackers try to convince victims to provide their data.
Forms of Attack
Calls can be made directly by a person, recordings or automated voices. It is common for the attacker to indicate that he/she needs to confirm the personal data recorded in the bank, authorize a bank transaction, or grant a credit.
Do not provide personal data by phone to strangers. If you actually have outstanding bank transactions, call your bank directly through the official numbers. Do not call the numbers indicated by the caller, as these may also be part of the malicious scam.