Republic Bank (EC) Limited St. Lucia is warning its customers to be cautious of a phishing scam that aims to trick them into revealing their online login details.
The bank stated that scammers are duplicating the Republic Bank Alerts Email Communication with a false transaction.
They then ask customers if they want to dispute a transaction and provide a link to click.
However, this link takes customers to a fraudulent website that looks like Republic Bank’s authentic online website but is not.
Once customers click the link, they are encouraged to input their information to access their online banking accounts.
The information requested includes:
- RepublicOnline User Login ID
- RepublicOnline Password
- Secret Answer
- Your Personal Email
- Email Password
Regarding Email passwords, Republic Bank said it would never request such information.
In addition, it disclosed that Transaction Alerts never require secret information.
The bank warned that if a scammer gets the requested information, they would have everything they need to impersonate the customer and log into their Online Banking account.
To prevent such scams, the bank alert provided examples of fake and legitimate emails and tips on recognizing phishing, including ‘subtle misspellings’ and ‘unfamiliar greetings.’
The bank explained that an email that starts with “Dear Customer” or “Hi” without acknowledging the customer’s name might be a scam.
Customers have been warned to be cautious and vigilant while browsing their emails and avoid clicking on suspicious links.
Don’t worry I have been fighting these same criminals for two days now. I have already shutdown one of their phishing websites. The malicious websites are being hosted in South Africa and I am working with the company to take all of them down. I will be honest these are no regular cyber criminals, they have resources, they are doing their research, they are watching us in the region closely. Be safe out there don’t fall for their scams. Don’t give out personal information over the phone or internet because you can never know who is on the other side.
We have had four of these emails already and we only opened an account with this bank last week!
Their online security must be poor as we haven’t even the sed the bank card yet!
@Anonymous, its not necessarily poor security on the part of republic bank. Currently cyber criminals are targeting the region with different schemes. They are making clones of banking and internet service provider websites to gather credentials from victims. I have tracked down the origin of the emails related to this attack all the way to the Netherlands in Europe. This may not necessarily be the location of the criminals as they tend to mask their real locations.
Over the last three days I have reported three websites to the hosting company in South Africa and they have since shutdown these websites. That should slow them down for now.
BTW I am not affiliated with Republic Bank, the phishing emails were caught by my systems and I started to investigate immediately to do my part.
They are watching us and I am looking right back at them.
I am old school, and although I use the internet to do various transactions, I will never trust it. There is always the potential for someone out there to be more computer savvy than I am. I have more confidence in doing monetary business the old fashion way, even though it is much slower.
business the old fashion way even if it is much slower.
@anonymous and @OhReally
There is no such thing as perfect security. Once hackers have enough time and resources, any system can theoretically be compromised. The best security is a layered defense. Layered means the bank has many protocols that provide an in-depth defense. Kinda like at your home when you lock on the doors, burglar bars, and active cameras. Maybe you have an alarm and guard dogs. That is defense in depth. If one layer fails, other layers may still protect. So, if your dog fails, the bars or alarm may work to stop intruders.
A hacker will always look for a weak point. In cyber security, we hack our systems ourselves to find these weak points, but humans are the weakest of all.
That is why hackers use so many social engineering techniques to try to manipulate users into giving them your personal information. I am trained in cybersecurity, and I have even fallen victim. Phishing, tailgating, baiting, and the list goes on. While I am writing this, I just got a smishing attempt. I got a text saying that the doctor would see me now. That is an attempt for me to text back, and they try to build a relationship with me to get my personal information.
Hackers may spend months researching a target org and building trust before launching a carefully crafted social engineering attack.
So, the bank cannot end or win cyber-attacks. Republic Bank needs a good security team that works every day to be one step ahead and wants its customers to behave as they are now.
@Lucian Traveler, I agree, defense in depth is necessary that is why you should also enable 2FA/MFA on your online accounts when available.
@Lucian Traveler, Yes, banks should have top class cyber security teams always monitoring the space for threats. It is a shame that I was the one doing an full investigation and putting the pieces together resulting in three malicious websites being shutdown, this is not my job.
I also received one from Axcel finance so they need to look into it as well saying that my loan is paid. Dont even know Axcel and I dont have loans.
Certes how do know that is africa on the whole ?
But they know how many strands of hair each one has,and they are the ones who invented internet plus.
So it artificiel intelligence to be blame and africains to be condemned ⚖️
Morena, if you do not understand the topic please do not come in with an offensive tone. No one is blaming the Africans.
I would never respond to an email or a phone call from any bank – instead I will make a personal appearance at the bank. Scammers are utilizing and cloning the bank numbers as well as voices of contacts within your phone. As a result, the number will show up and will be reflected as the bank in which you do business. I literally watched this being performed and I was shocked (cloning of the voice). Some folk have literally lost a fortune and some their entire life savings and their life at the hands of the scammer.
https://www.nytimes.com/2023/08/28/world/asia/cambodia-cyber-scam.html