Security 29.06.2025

Discovery Bank flight scam warning

Discovery Bank has warned its customers about fraudulent airline advertisements on social media that lure people into remote access scams.

This involves a phishing attack where criminals manipulate victims into giving them access to their mobile devices and remote banking app.

Phishing is when criminals manipulate targets into revealing sensitive information using links that direct them to a fraudulent website.

The idea is to attempt this attack on a large number of targets, hoping that one eventually takes the bait. By posting an ad on social media, scammers can get the attention of thousands of potential victims.

The attack also employs social engineering, which exploits human psychology to gain information from an unsuspecting victim.

“Criminals know the weakest link in the security chain is a human and will pose as a bank representative to exploit the victim’s inclination to trust,” the South African Banking Risk Information Centre (Sabric) says.

Discovery said that in the case it described, once victims have been lured to the fake website from social media, they make contact with someone posing as a travel agent.

The attacker contacts victims after they enquire about the advertisement and attempts to trick them into downloading a fake airline app.

Once they download the app, the bank said scammers gain remote access to their devices, hence the attack’s name.

After the fraudster has gained access to the victim’s device, the victim is instructed to log into their banking app, after which the screen goes blank.

The scammer now has access to their victim’s device and their banking app, allowing them to make several transactions before the bank eventually shuts them out.

To protect against such attacks, Discovery Bank said the first step is to avoid ads that are too good to be true.

If the ad looks legitimate, the next step is to book the flights on official airline websites or from trusted travel agencies.

Scammers do their best to pass off their fake websites as legitimate, making this easier said than done. However, Sabric suggests using YIMA to verify website URLs before using them.

To avoid falling victim to a similar remote access scam, the bank says users must never allow remote access on their devices or log into their banking app while screen sharing.

Discovery also points to pressure tactics like limited-time offers or urgent requests as red flags to look out for.

Remote access scams on the rise

FNB also recently described a similar form of social engineering used to gain access to a victim’s personal computer by offering assistance to block fraudulent transactions.

Called a remote access attack, the bank said it typically starts with a fraudster contacting the target via phone, impersonating a member of their anti-fraud department.

If the victim believes the caller and accepts their assistance, the fraudster tells the potential victim to download and install protective software on their PC.

Although the software may look legitimate to the unsuspecting eye, it will allow the fraudster to access their victim’s computer remotely via the Internet.

After guiding their target through the installation process, the fraudster will ask them to log into their personal Online Banking profile.

FNB said that once the person has done this, their screen will immediately go blank, and they will start receiving several one-time pins (OTPs) on their phone for transactions they have not made.

The fraudster, still in contact with their victim via the phone, will then reassure them that these are fraudulent transactions and that the OTPs must be sent to them.

However, they instead use these OTPs to authenticate the transactions made using the stolen banking details.
