Often, small typos and mysterious senders on e-mails and SMS can be a clue that some danger is on the way. Recently, Vipps found out that this is not necessarily the case anymore. Recently, someone tried to pretend to be customer service in Vipps. The email address was [email protected], which may look apparently genuine. In addition, the colors and the message itself were simple and almost correctly written. – The design is very similar to an e-mail that abounded earlier in January when we noticed an increase in fraud attempts on SMS and e-mail, and warned our customers on our own websites. The exception here is that the sender now looks more genuine, explains communications manager Caroline Lunde at Vipps. This is what the message looked like: Here, a fraudster has pretended to be Vipps, and wants the recipient to click on the link. In that way, they manage to defraud the recipient. Photo: Screenshot Lunde emphasizes that the e-mail address used by the fraudsters is not used by Vipps. – We have a similar email, but we do not use it to communicate with customers about personal data. According to Vipps, it is becoming increasingly difficult to detect attempted fraud, and this is a major problem. – We have almost all Norwegians as customers, and that is very often abused. We do not like the fact that fraudsters use our name and the trust customers have in us. Absolutely not, says Lunde. Vipps has over 4.3 million users, and in order to detect fraud attempts, it is important to get feedback from customers in order to map the scope. – There are many customers who make contact, and that is what we want. Because we have no record of how many people receive fraud messages, as we are not the ones who send them out. Feedback from our customers is therefore very important. She explains that there are periods with several examples of attempted fraud, and so far this year approximately 1,500 vippsers have made contact about fraud-related topics. – There is a marked increase from the same period last year, says Lunde. – Scary Even though the fraudsters have become more creative, there are still a number of language issues that are repeated, which it is wise for the recipients to be aware of, according to Vipps. In the latest fraud case, the visible language errors appear in small print. It says “The owner of the Vipps stored value facility does not require approval from the monetary authority in Norway. Users are advised to read the terms carefully”. – It doesn’t make sense, but what is a bit scary in this case is that they also use our slogan “Vipps AS – made in Norway, with love for simplification”. They have really done their due diligence, and you have to be very attentive to notice mistakes, she adds. More credible Julie Hæhre, information manager at Telenor, says that they feel that criminals’ attempts at fraud are becoming more and more credible. – In many cases, it is very difficult to see that SMSes and emails do not come from the sender that the message purports to be from, she says to news. She explains that this attempted fraud is called phishing, which means that someone is trying to trick personal information out of you. Preferably by sending fake emails that look like they come from someone you trust. What is “Phishing”? Phishing, in Norwegian also called netfisking, is a term for digital snooping or “fishing” for sensitive information, such as passwords or credit card numbers. As Hæhre explains, scammers do this by sending fake emails that look like they come from someone you trust. For example, one can do it through “spoofing”, by making a message appear to come from a known sender. – The sender e-mail address in this case is “spoofed” in such a way that it is almost impossible for the recipient to see that this does not come from Vipps. Spoofing is when the real senders hide behind another real sender identity. It is therefore important that you are very skeptical about following links you receive in SMS and e-mail, even if they apparently come from actors you trust. Rather, use the login methods you normally use, Hæhre recommends. – You should also pay particular attention if you receive text messages or e-mails that say you owe money or have money to your credit, or that a subscription or account has been blocked. Often the fraud inquiries are also very limited in time, where you are asked to act quickly. The point of this is to stress you out even further, so that you don’t have time to think about it, and are therefore perhaps a little more uncritical. Information manager at Telenor, Julie Hæhre, believes it is important that people are very skeptical about pressing any longer when receiving an SMS or e-mail. Photo: Martin Fjellanger / Telenor Never ask to share sensitive information Despite the fact that it is sometimes difficult to detect attempted fraud, the communications manager at Vipps has some advice for customers. – Vipps will never contact you by email to ask you to share sensitive information. If you receive e-mails or SMSs like this, take the time to check the sender, and do not click on links if you are not absolutely sure that this is real, and do not share personal information. If you are unsure, go to the Vipps app, this is where we interact with customers about personal data. Those are our best tips, says Lunde.
ttn-69