QCOSTARICA – Users of BAC San José online should be careful with the emails they supposedly receive from the bank, given that the latest strategy for scammers is to use a fake website to collect personal data from customers.
Through an email, criminals ask the user to link an email to their bank account. The message warns that if the indicated is not done, the account will be suspended.
Once the client clicks on the link provided in the email, a fake website, but it is very similar to the official BAC website, is displayed.
If the person provides their username and password information, the information will be used by the scammers to immediately drain the bank account.
Before opening any link, verify that it is the bank’s official website. More importantly, do not access the bank’s website from the email, type in the web address directly on your browser.
Also, check the security features of each page you visit: that it has a security lock on the address bar, followed by https: and the name of the site’s bank without misspellings. In the attached explanatory video you will find more details of how this fraud is committed.
The BAC assures that “the amount of fraud suffered by clients in the last year has been reduced by half” but that “education is the most important measure to avoid falling into the trap of scammers.”
According to data from the OIJ and the bank, in 2020, there were more than 4,000 complaints of electronic fraud. As of March of this year, 1,539 complaints had been filed.
The BACoffers 12 recommendations to avoid being a victim of bank scams:
- Never share confidential information with a third party or enter such information on unofficial or non-bank pages.
- Be suspicious of any phone call that asks you to enter websites where you must enter sensitive data such as username, password or that asks you to give codes by phone that arrive in your email.
- Set passwords longer than 10 characters, combining uppercase and lowercase letters, numbers and symbols.
- Activate the double authentication factor in all possible accounts (bank, mail, social networks, applications).
- Change passwords periodically; it is recommended every 3 months.
- Do not repeat a password in more than one application, service or website.
- Safely configure the security and privacy parameters of your devices, applications or social networks.
- Use a good antivirus or antimalware on all your devices.
- Avoid bank transactions if you are connected to the Internet with public networks (that is you are using someone’s internet connection, such as the mall, a friend’s house, etc.
- Avoid using “pirated” apps as they generally come with malware that spies on your device and steals information.
- Do not browse insecure or doubtful sites with work devices or that you use to carry out banking transactions.
- Never store passwords in web browsers. (You know that nice feature where your browser wants to make your life easier by remembering your passwords? Always say NO when accessing banks and other sensitive information accounts).