Phishing Emails
As per the "United States Computer Emergency Readiness Team (US-CERT)", Phishing is a form of social engineering that uses email or malicious websites (among other channels: SMS, phone calls, embedded links, etc…) to solicit personal information from an individual or company by posing as a trustworthy organization or entity. Phishing attacks often use email as a vehicle, sending email messages to users that appear to be from an institution or company that the individual conducts business with, such as banking or financial institution.
One of the most used "Phishing" tactics is sending an email that appears to be from a legitimate source asking you to provide personal information (i.e.: financial information). This fraudulent attempt is to acquire sensitive information (i.e.: usernames, passwords and PINs, etc... ) by tricking you into taking the attackers desired action, clicking on an embedded link or opening an attachment in a spoofed email.
What you should do if you are the victim of any of the below?
If you have any reason to believe that you may have been the victim of a phishing scam or that your account with Lebanon & Gulf Bank has been used fraudulently, call us immediately on our 24/7 Call center 0961 1 965965 or email us on complaints@lgbbank.com
Changing your e-banking Email, User ID and Password might be required depending on the nature of the information you revealed.
Fraudulent email trends can take different forms which can be, but not limited to:
-
Emails containing "Urgent call to act"instructions such as:
-
"We're updating our records";
-
"We've identified fraudulent activity on your account, you are requested to validate the attached invoice immediately";
-
"Valuable account and personal information was lost due to a computer glitch, please click on the link to update your information";
-
"Update your online account credentials within 48 hours or your account will be closed or cancelled".
These previous examples are used to encourage, threaten and urge the user to act immediately;
Invoking a sense of urgency or fear is a common phishing tactic.
Confirmation or complaint emails
+
An email claiming to be a confirmation of payment for example or a complaint that needs to be filled by the recipient. The user will be asked to open a link or an attachment to find out what is being referenced to.
Emails asking the user to click on a link
+
The link looks official, but it will redirect you to a completely different website very similar to the Bank's official website (www.lgbbank.com) to trick you into entering your credentials.
Moreover, if you click on the link, it might install a malicious code on your device without your proper knowledge. If you see a link in a suspicious email message, don't click on it.
Cyber crime indicators via e-mails
+
Some indicators about cyber crime via e-mails:
-
The sender's email address does not belong to someone you recognize.
-
Email containing pushing words such as "Urgent", "Secret" or "Confidential".
-
Email account closely similar to the Bank’s e-mail account with a slight difference in a letter, number, code or signal. For Example, replacing the "g" by a "q": "AAA@lqbbank.com" instead of "AAA@lgbbank.com".
Spammers intend to use fake or spoofed e-mail addresses.
--Impersonating well known organizations is an attempt to remove doubt or concerns about the e-mail's origination. Example: using the email "AAA@lgb-bank.com" instead of "AAA@lgbbank.com".
-
Email sent on behalf of the Bank telling you that you have won a prize.
-
Email content having a lot of flagrant grammar mistakes and weak spelling, very different from the previously used emails conversation.
-
Fraudulent emails addressed to a vague "Dear Valued Customer". Please watch out if you receive such email because legitimate businesses usually use a personal salutation with your first and last name.
-
Email pretending to be from LGB Bank requesting sensitive and personal information.
Kindly note that LGB Bank will never ask you, for any sensitive information or critical account details update through emails or SMS, due to the fact that these channels are not secured.
-
Don’t give any sensitive, personal or financial information related to yourself or related to your Bank through emails.
-
Do not use the "reply" option for emails; instead use the "Forward" option to choose the sender’s email from your mailing list due to the fact that the sender’s email may be close to the legitimate one but related to a hacker who created a similar email to trick the users.
-
Use two or more email addresses: one for your banking transactions and another one for your social media accounts and others.
P.S: Don’t put the one used for banking on your business card.
-
Don’t believe everything you see
Phishing attackers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, this does not mean that it’s legitimate. Be skeptical when it comes to your email messages.
If it looks even remotely suspicious, don’t open it.
Kindly note that LGB Bank will not process any transaction in case the bank did not reach his customer and confirmed with him prior to any transfer.
DO NOT open any link or any attachment whether it is a .zip, .rar, .pdf, .exe, .dll, .scr, .cox, .com, .bat, .vbs, dit, shs, pif or word, excel and PowerPoint file from any unknown sources. It may be source of malwares.
