WhatsApp: fake messages from the bank steal your current account data

Italian account holders are at risk of fraud. A WhatsApp message invites you to change your access credentials immediately, but it is phishing.

Just as Unicredit is sending postal notices these days to the customers and former customers affected by the massive data theft discovered last month, hackers have set up yet another phishing campaign to steal the online banking credentials of Unicredit, Sanpaolo and BNL customers.

This time the scam arrives via WhatsApp. Several account holders of these banks have reported receiving a fraudulent message through the well-known instant messaging service. Previously, such messages had only been sent via SMS or e-mail. The content, however, is very similar: "Dear user", followed by an urgent warning that the access data for the online account must be updated for security reasons. Anyone who follows the procedure the hackers ask for hands them access to the online bank account.

Scam via WhatsApp: don't click on that link

On WhatsApp too, then, the user is invited to click on a link that is supposed to lead to the official website of the online bank. Of course, it does not: the link points to a scam site whose domain name is very similar to that of the real site of the bank in question. On the fake site the account holder is asked to enter the "old" credentials (which in reality are still perfectly valid) and to choose new ones. In this way the user hands the hackers the current access data (username and password) for the online account.

Banking scams via WhatsApp: what you risk and how to defend yourself

The risk resulting from such scams, however, is relatively low: at least in theory, hackers should not be able to move money from our account to another. This is because, with the adoption in Italy as well of the new European directive "PSD2", any transaction on an online account requires entering codes that are sent to our cell phone. This is, in essence, two-factor authentication applied to online current accounts.

For this reason, if we receive security codes from our bank (the real one) for operations that we are not carrying out, it means that someone has hacked our account and is trying to make a transfer. In any case, as with every phishing attempt, do not take as genuine every message that "seems" to come from your bank: check the sender's address or number carefully, ask customer service whether the message is genuine and, above all, never click on any link.
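
The address check recommended above, applied to the lookalike domains this scam relies on, as an added example that is not part of the original article. The bank domains and the sample message are constructed placeholders, and `classify` and `triage` are hypothetical helper names.

```python
import re
from urllib.parse import urlsplit

# Constructed placeholders: replace with the domains your bank actually publishes.
OFFICIAL_DOMAINS = {"mybank.example", "otherbank.example"}

def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(host, official=OFFICIAL_DOMAINS):
    """Return 'official', 'lookalike' or 'unknown' for a hostname."""
    host = host.lower().rstrip(".")
    # Only an exact match or a true subdomain of an official domain is trusted.
    if any(host == d or host.endswith("." + d) for d in official):
        return "official"
    labels = host.split(".")
    for d in official:
        brand = d.split(".")[0]
        limit = max(1, len(brand) // 4)  # tolerate more typos in longer names
        for label in labels:
            # Brand embedded in another name, or a near-miss spelling of it.
            if brand in label or edit_distance(label, brand) <= limit:
                return "lookalike"
    return "unknown"

def triage(message):
    """Extract every http(s) link from a message and classify its hostname."""
    results = []
    for url in re.findall(r"https?://[^\s<>\"']+", message):
        host = urlsplit(url).hostname
        if host:
            results.append((host, classify(host)))
    return results

# Constructed sample in the style the article describes.
SAMPLE = ("Dear user, for security reasons you must update your access data "
          "immediately: https://secure.mybannk.example/update")

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE):
        print(f"{host}: {verdict}")
```

Any verdict other than `official` means the link should not be followed; `unknown` only says the name does not resemble a listed bank, not that the site is safe.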