The cell phone rings and the name of your bank appears on the caller ID. You answer and a person asks you for the access codes or offers to open an alternate account to avoid “theft” of your money at that precise moment. What should you do?
The answer is to immediately hang up and call your bank to report that you have been the victim of a fraud attempt.
So far this year, Citibanamex estimates that this fraud attempt against account holders has tripled compared to the first months of 2021, and that now the modality aims to try to trick customers into having their data and stealing their money.
“What they (criminals) are doing is searching the entire chain of customer service and the use of financial services (…) They have moved from what was card counterfeiting, card theft, NIP and a series of frauds that existed before towards how to deceive customers so that customers send them their money”, says Gastón Huerta , director of Fraud Prevention at Citibanamex, in an interview.
The manager adds that in the last five years, the bank has invested more than 90 million dollars in anti-fraud technological infrastructure and that its security protocols include monitoring of its personnel to avoid complicity with criminals.
Is account holder fraud multiplying?
Fraud, if we look at it comprehensively, has not grown. What has advanced is the number of attempts that are happening and the ones that the predator, instead of trying to do direct fraud in the bank, is trying to do it through the clients.
We have seen a very significant decrease in fraud in recent years and due to the controls that we have implemented in the bank, what they are doing is searching throughout this chain of customer service and the use of financial services where that link could be that they can explode.
What should Citibanamex users do to prevent these increasingly sophisticated scam attempts?
Considering the way in which the scammers are operating, we would recommend that you do not trust the calls in which you see that the phone number is from the bank, because that phone that we as customers know is only used for us to call and ask for services
The bank never calls us from that phone, and what the scammers are doing is what we call phone spoofing : they mask the real number of the phone they are calling from and overlay the bank number so that the potential victim trusts. So the first recommendation is not to trust calls that are supposed to be from the bank, and even less so if they start asking for information.
The second suggestion is to never provide password information to my bank accounts or my online banking. No one from the bank is going to ask me for it, I don’t have to give it to anyone.
And third, is that at the end of this entire deception process, the criminals ask people to register a new account that they call an armored account and then transfer the money, but what they are doing is registering the scammer’s account and transfer money to him.
Do not believe anyone who asks you to transfer your money to a shielded or protected account. Do not transfer money to anyone. Your money is safe in the bank. If you have questions, you can call: the phone number is on the back of the card or on the account statement.
What to do if you have already been a victim of fraud?
You need to call the bank so we can help you block your money and see if we still have time to get it back. If you have already transferred it to the scammers account then we immediately take action to try to go for that money, whether it is in another account of the same bank or any other. We have interbank agreements, we help each other protect all clients throughout the financial system, so if the client has already realized what happened to him, he should call us immediately. By phone it is faster and there we internally have the protocols implemented to support customers.
What information should I have on hand?
We are going to ask for security and protection protocols to make sure that the one calling us is the client. There we are going to ask you to authenticate yourself with the access codes that you already have to access this service, such as the telephone PIN, if you do not have it you can use the PIN of your card plus your date of birth.
And a third option, if you didn’t have one, we’re going to send a one-time password to your cell phone and we’re going to ask you to return it to us and make sure who’s calling us.
What if he goes to the branch?
What you have to bring is your INE.
What measures does the bank take to stop fraud attempts?
In the last five or six years, we have invested more than 90 million dollars in anti-fraud technology infrastructure that helps us better manage risk and allows us to monitor 24-hour activity on the card, electronic banking services, at ATMs automatic. We have reduced fraud in this same period between 70% and 75%.
Another part is that as a result of these investments, fraudsters find it increasingly difficult to break security barriers, so what they do is go looking for the customer, they seek to deceive him.
How are the processes to safeguard the account holders’ data with your staff?
We don’t have an insider. Our entire fraud prevention model includes internal fraud potential monitoring, we have people dedicated to monitoring bank personnel and when there is a fraud event we review it against our internal monitoring system to see if any employee could have been involved, if We detect it immediately and take action.