Protect yourself from fraud and phishing

With email, online shopping, social media etc., the internet has pushed back the boundaries. Beware, fraud attempts by telephone, text message or email are currently taking place.

To keep the experience positive and avoid pitfalls, some vigilance is required. 

Access to BNP Paribas Wealth Management digital platforms is authenticated at login via an OTP or biometric recognition. 

You must exercise extreme caution when providing personal details, transacting or transferring funds. We advise you to validate any engagement or transaction request with your assigned Relationship Manager on your registered contact number. 

If you have any doubts, please contact your assigned Relationship Manager on your registered contact number or reach us via the “Contact us to report fraud” button below and we will contact you.

 

Man phone computer office

Online fraud: a brief glossary

 

  • Phishing: a fake e-mail that asks you to update your bank details or personal information on a fraudulent site by posing as someone you trust (administration, bank, online store, etc.). 
 
  • Pharming: a technique that tricks you into installing a Trojan Horse virus in order to redirect a website’s traffic to a pirate site. 
 
  • Malware: software that enables pirates to take control of your computer remotely in order to carry out malicious operations

#1 - Have you received a strange message?


Do not click on links from suspicious SMS, emails, websites or social media

In general, never share your confidential data. Any exchange of sensitive data with the Bank should be done via our secure channel, myWealth.

#2 - How do you recognise fraud?


Convincing and believable

To avoid being caught out, you need to start recognising various types of fraud - which is not easy at first glance.

  • Fraudsters use all types of channels such as: emails, text messages, phone calls, social media, letters etc. So any communication could be fraudulent, regardless of its form. 
  • The logo, font, footer and signature all make the message look like it could be from the alleged sender. Fraudsters can also create perfect copies of official websites. It's hard to tell the difference without checking the URL carefully. 
  • The message content seems totally credible. And that's normal: fraudsters are very ingenious in devising a plausible scenario. • Fraudulent messages no longer necessarily contain spelling mistakes. 
  • The language used is often excellent: fraudsters speak perfect English or French. And they are usually very friendly. 
  • They can spoof phone numbers and email addresses, which seem correct but aren’t. 
  • They can also do things like intercept an invoice you're expecting by email after purchasing goods or services and change the payee’s account number. So check all the details (sender's email address, phone number etc.) and compare the account number with the one on your order.

Reasons to be suspicious

  • The goal is to obtain confidential information. Are your secret codes being requested? If so, it’s highly likely that it's an attempt to commit fraud. 
  • The message is clear, you need to take urgent action. You feel pressured, stressed. And that's exactly what they want: to get you to act without taking the time to think. You lower your guard and end up giving them the requested information. 
  • You're asked to pay money, whether the fraudsters are posing as a supplier for an allegedly unpaid invoice or as a friend stuck in hospital, by clicking on a link. 
  • An email is sent to you to finalise your online purchase and initiate payment. You're invited to click on the link in the email. If you click, you're directed to a fraudulent website where your banking data will be captured. 

 

As you’ll have realised, this type of scam involves a certain amount of psychological manipulation.

#3 - How should you react?


Never share your confidential data

There are fraudsters who try to impersonate BNP Paribas staff by email, text message and telephone and also on social media platforms for fraudulent purposes, including account opening, transferring of funds and / or soliciting investments. Under no circumstances will the Bank EVER ask you:

  • for your sensitive personal data (login, password, etc) 
  • for any codes received by text message or by phone 
  • to install any software allowing us to take control of your device remotely 
  • to transfer money into a supposedly secure account Similarly, we will NEVER come to your home to collect your codes, mobile phone or any sensitive personal data like login details and passwords.

Antivirus programmes are your best friends: update them regularly and pair them with an anti-malware app for optimal protection against malicious programs


You can find more information to protect yourself here: Keep Your Personal Digital Keys Safe

Protect yourself from fraud and phishing