BOV issues warning on dangerous texts sent on the same threads as legitimate messages

On Thursday (today), Bank of Valletta (BOV) issued a warning urging customers to be wary of a series of new scams that are currently in circulation. Some of these new scams are in the form of SMSes messages, that include links to fake sites, claiming that customers’ debit or credit cards are blocked, or that their password has been locked. They also ask potential victims to click on the link to release their cards or passwords.

Other scams are in the form of alerts about transaction authorisations, asking customers to insert their card data to cancel transactions if these are not authorised. Other SMSes warn customers that their mobile signature is restricted and ask them to log onto a site guising as a BOV internet or mobile login to release the signature.

For the past years, many locals became accustomed to receiving calls and messages from numbers in different countries. The scams ranged from messages about fake customs duties owed to postal companies, anti-money laundering warnings claiming the recipient committed some malicious crime, and many more. With each new trend, scammers and fraudsters were getting sneaker and sleeker, and people who are not tech savvy, typically the older generation, were vulnerable to such tricks.

In this case, some SMSes are being received in the same thread of SMSes that legitimately originate from BOV, deceiving customers into believing that BOV is sending the message. Fraudsters are also using emails to dupe potential victims. This makes these attempts even more risky and easier to fall for, even if you are aware of such schemes.

These latest scams are all designed to trick potential victims into taking “urgent action” and giving out sensitive financial information such as bank account numbers, passwords, card details or authorising financial transactions.

The bank emphasised that it does not send SMSes containing links to websites. Customers are urged to never click on links that appear in SMSes messages, even if these appear in bank SMSes threads, and should never give out sensitive information.

The bank explained that it will not ask for account or card numbers in full, card CVV details (the three digits at the back of the card), card PINS, internet or mobile banking passwords, codes, signatures, one-time passwords, or multi-factor authentication. Bank employees will never ask customers for information that leads them to carry out financial transactions over the phone.

BOV reminded the public to always remain vigilant and cautious, at all times.

“When in doubt, customers are urged to contact the bank immediately. Calling the number 21312020 will direct them to the legitimate BOV Customer Service Centre, where they can verify any calls or SMSes that they have receive,” BOV stated.

In addition, APS Bank has also issued a statement after receiving reports of phishing attempts by SMSes targeting the bank. Here, the message was also reported to be received in the same thread as other legitimate messages from the bank. “If in doubt, please call our contact centre on 21226644,” APS said.